Copy Link
Add to Bookmark
Report

Computer Undergroud Digest Vol. 02 Issue 16

  



****************************************************************************
>C O M P U T E R U N D E R G R O U N D<
>D I G E S T<
*** Volume 2, Issue #2.16 (December 10, 1990) **
*> SPECIAL ISSUE: "ATLANTA THREE" SENTENCING MEMORANDUM <*
****************************************************************************

MODERATORS: Jim Thomas / Gordon Meyer (TK0JUT2@NIU.bitnet)
GENERALIST: Brendan Kehoe (BRENDAN@CS.WIDENER.EDU)
ARCHIVISTS: Bob Krause / Alex Smith

USENET readers can currently receive CuD as alt.society.cu-digest.

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted as long as the source is
cited. Some authors, however, do copyright their material, and those
authors should be contacted for reprint permission.
It is assumed that non-personal mail to the moderators may be reprinted
unless otherwise specified. Readers are encouraged to submit reasoned
articles relating to the Computer Underground.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
DISCLAIMER: The views represented herein do not necessarily represent the
views of the moderators. Contributors assume all responsibility
for assuring that articles submitted do not violate copyright
protections.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

The following is the prosecution's sentencing memorandum submitted to the
judge. Although it specifies that the defendants were cooperative and
requests a "downward" departure from the sentencing guidelines, it
nonetheless requests prison time. In our view, the sentence was unduly
harsh, and the memorandum reflects a number of substantial inaccuracies,
distortions, and questionable arguments in making the claim that prison is
necessary. In the next issue of CuD (2.17), we will print two responses to
this memo, including that of the EFF.

The first issue of EFF NEWS, the official newsletter of the Electronic
Frontier Foundation, will be distributed this week. More detailed
information on this, including how to obtain it, will be in the next issue.

The sentence was imposed Friday, November 16, 1990. Robert Riggs received
a sentence of 21 months incarceration. Franklin E. Darden, Jr., and Adam
E. Grant each received 14 months incarceration (seven months of it to be
served in a half-way house). All were additionally required to pay
$233,000 each in restitution, but all are responsible for the full sum of
about $700,000 should any of the others default. For a complete discussion
of the sentence, see John and Barbara McMullen's article in CuD 2.14.

********************************************************************

IN THE UNITED STATES DISTRICT COURT

FOR THE NORTHERN DISTRICT OF GEORGIA

ATLANTA DIVISION

UNITED STATES OF AMERICA :
: CRIMINAL ACTION
v. :
: NO. 1:90-CR-31
:
ADAM E. GRANT, a/k/a The :
Urvile, and a/k/a Necron 99, :
FRANKLIN E. DARDEN, JR., a/k/a :
The Leftist, and :
ROBERT J. RIGGS, a/k/a :
The Prophet :

GOVERNMENT'S SENTENCING MEMORANDUM AND S.G. SS 5K1.1 MOTION

Now comes the United States of America, by and through counsel
Joe D. Whitley, United States Attorney for the Northern District
of Georgia, and Kent B. Alexander, Assistant United States Attorney
for the Northern District of Georgia, and shows the court the
following:

From September 1987 through July 21, 1989, the defendants
regularly broke into proprietary telephone computer systems, stole
access information, distributed that information toothers
throughout the country, and, in the process, regularly used
unauthorized long distance/data network services. In all, they
stole approximately $233,880 worth of logins/passwords and connect
addresses (i.e., access information) from BellSouth. BellSouth
spend approximately $1.5 million in identifying the intruders into
their system and has since then spent roughly $3 million more to
further secure their network.

Although the government is going to recommend a downward
departure from the Sentencing Guidelines, the three defendants
are clearly criminals who have caused a significant amount of damage


- 1 -

and should be punished accordingly. Moreover, the computer
"hacker"%1% world is watching this case very closely, and the Court
should send a message that illegal computer hacking activities will
not be tolerated.

In this sentencing memorandum the government will describe the
investigation in the case, summarize some of the evidence that
would have been presented at trial, and describe the defendants'
cooperation. Finally, the government will emphasize the role this
case has played and will continue to play in curbing abuses in the
hacker community.

I. _THE INVESTIGATION_

In June of 1989, a computer threat and a computer intrusion sparked
a massive federal investigation into the computer hacking
activities of a self-proclaimed elite group of roughly 20 hackers
called "Legion of Doom." The threat involved an anonymous all to
an Indiana Bell security representative from a computer hacker. The
hacker, who has since been identified as an associate of the
defendants, will e called "John Doe" for purposes of this
memorandum. John Doe said that five telephone switches (telephone
company computers that route calls) would be programmed to shut
down the telephone system throughout the country. AT&T
investigators conducted a nationwide search and discovered "logic"


________________________
%1%The government uses the term "hacker" to describe a person
who uses computers for criminal activity. The Court should note,
however, that the term "hacker" can also be used to describe
legitimate computer users. At one time all computer users were
known as "hackers," and some computer users still identify
themselves as "hackers."

- 2 -

bombs" (time delayed programs) in AT&T computers located in
Colorado, Georgia, and New Jersey. The logic bombs were programmed
to shut down service in portions of those states.

Aside from the hacker logic bomb threat, a June 1989 intrusion into
the BellSouth network also prompted the federal investigation.
A computer hacker broke into the BellSouth network and rerouted
calls from a probation office in Delray Beach, Florida to a New
York Dial-A-Porn number. Although creative and comical at first
blush, the rerouting posed a serious threat to the security of the
telephone system. If a hacker could reroute all calls to the
probation office, he or she could do the same to calls placed to
this Court, a fire station, a police station or any other telephone
customer in the country. Again, none of the three defendants are
implicated in this dangerous prank, though an investigation of the
intrusion ultimately led investigators to the illegal activities
of the three defendants and other members of a self-proclaimed
elite group of hackers called the Legion of Doom. The Legion of
Doom is described in a hacker "magazine" article filed separately
as _Government Exhibit A_.

In mid-June 1989, BellSouth%2% assembled a major security task
force consisting of 42 full-time employees to investigate the
intrusions. It assigned the employees to work 12-hour round-the-
clock shifts for nearly a month. To BellSouth's credit, the
management decided to go public with the intrusions by alerting the

________________________

%2%For purposes of this memorandum, "BellSouth" also refers to
Southern bell Telephone and Telegraph Company and BellSouth
Advanced Network, subsidiaries of BellSouth.

- 3 -

United States Secret Service%3%.

On June 21, 1990 %sic%, a confidential "hacker" informant admited
that "The Urvile" in Atlanta (defendant Adam Grant) had provided
him with the access information necessary to break into the
BellSouth computer network. Based on that evidence and further
investigation, this office and the Secret Service arranged for a
court-authorized dial number recorder ("DNR") (i.e., pen register)
to be placed on the telephone lines of defendants Adam E. Grant,
Franklin E. Darden, Jr., and Robert J. Riggs.

From July 11 through July 21, 1989, a pattern emerged showing
that all three defendants were making outgoing calls and "looping"
the calls around the country and into the BellSouth computer
network. "Looping" is a system hackers use to transfer their calls
through a number of telephone companies and data networks (e.g.,
Telenet) to gain free telephone service and to avoid detection by
the authorities. The defendants would often start their loops by
patching into the Georgia Tech computer system, courtesy of access
numbers provided by defendant Grant. After looping the calls,
defendants used unauthorized connect addresses and logins/passwords
to break into the BellSouth system. Connect addresses are the
computer equivalent of a street address and logins/passwords are
like keys to houses (computers) on the street. The DNR records

________________________

%3%All computer systems using modems (telephone computer links)
are susceptible to computer hacker break-ins, but most companies
do not "go public" when break-ins occur for fear of bad publicity.
Unfortunately, when companies pretend such problems do not exist,
other companies develop a false sense of security with regard to
hacker intrusions. Fortunately, BellSouth took the public route.

- 4 -

also revealed that the defendants were speaking with one another
and with backs from all around the country. Once BellSouth pin-
pointed the break-ins and determined that the hackers were
downloading BellSouth information (i.e., stealing information and
copying it into their own system), the Secret Service had enough
information to obtain a search warrant.

On July 21, 1989, the Secret Service executed search warrants
on all of the defendants' residences. At the same time, the Secret
Service executed a search warrant in Indiana on the home of the
"John Doe" hacker mentioned above. That hacker has since been
charged and convicted on computer fraud charges.

During the searches, the Secret Service uncovered thousands
of pages of proprietary telephone industry information, hundreds
of diskettes, a half-dozen computers and reams of incriminating
notes. After BellSouth and the Secret Service analyzed all the
evidence and interviewed the defendants and other hackers, the
government was able to piece the case together and seek an
indictment from the grand jury.

II. _THE EVIDENCE_

A. _What the Evidence Generally Shows_

If the case had gone to trial, the evidence would have shown
that defendants Grant, Darden and Riggs used a variety of methods
to break into the BellSouth telephone systems. To start, they and
other Legion of Doom ("LOD") members would go "trashing" or
"dumpster diving" (i.e., scavenging through dumpsters) behind
BellSouth offices, usually in the dead of night. They took memos,

- 5 -

printouts, and other documents. Additionally, when back at their
personal computers, they created hacking programs to break into the
BellSouth systems and obtained access information from fellow
hackers. Using all of these tools, the defendants broke into over
a dozen BellSouth computer systems. Once in the systems, the
defendants would scan the files for information they wanted to
steal and get into other computer systems of other entities,
including Credit Bureaus, hospitals, banks%4% and other private
corporations.

Among other information, the defendants downloaded BellSouth
passwords and connect addresses which they could later use to
return into the particular system they were scanning or to get into
other systems. Defendants also downloaded subscriber information
on individual customers. By getting subscriber information, the
defendants could change customer services (e.g., call waiting) and
obtain access to Credit Bureau information. Defendants Grant and
Darden also figured out how to wire tap telephone calls using a
BellSouth computer system called LMOS. Darden admits monitoring
friends' calls, but claims to have only done it with the knowledge
of the friends. Evidence recovered from Grant's dorm room
indicates that he monitored calls as well. The government has no
direct evidence that defendant Riggs monitored calls, though the
Secret Service did recover LMOS access information in the search
of Riggs' residence.

________________________

%4%During a meeting with the Secret Service, defendant Grant
admitted breaking into a bank in the State of Texas and altering
deposit records.

- 6 -

The defendants and other LOD members freely exchanged
information they stole from BellSouth. Although it does not appear
that defendants themselves used this information to transfer any
money to themselves, they clearly exploited the services of the
telephone companies and data networks when making and receiving
hundreds of hours of free long distance service.

During the course of the conspiracy, the defendants and other
LOD members illegally amassed enough knowledge about the
telecommunications computer systems to jeopardize the entire
telephone industry. During one interview, defendant Darden
nonchalantly revealed that the defendants could have easily shut
down telephone service throughout the country.

The defendants freely and recklessly disseminated access
information they had stolen. By doing so, they paved the way for
others to easily commit fraud. For instance, in early 1989, Adam
Grant introduced defendants Robert Riggs and Frank Darden to a 15-
year old hacker, already identified as "John Doe." Based largely
on the information from the defendants, John Doe managed to steal
approximately $10,000. Basically, Doe used the information from
the defendants to reroute calls, enter Credit Bureaus, and have
Western Union ire money from credit card accounts captured from
the Credit Bureau records.

Defendants claimed that they never personally profited from
their hacking activities, with the exception of getting
unauthorized long distance and data network service. At the very
least, however they should have foreseen the activity of people

- 7 -

like John Doe, particularly in light of articles on computer
hacking, stealing and fraud which they collected and authored (some
of which are described in Section B below).

Defendants disseminated much of their knowledge and stolen
information posting the information on electronic bulletin board
services ("BBS's"). A BBS is a computerized posting service
allowing hackers to post messages to one another, usually 24 hours
a day. Most BBS's around the country are perfectly legal and allow
legitimate computer users to communicate with each other. The LOD
created a BBS named "Black Ice," however, primarily to foster
fraudulent computer activities. Excerpts from the Black Ice BBS
are filed separately hereto as _Government Exhibit B. A review of
the Black Ice printouts reveals that defendants all realized that
braking into the telephone computer systems was illegal and that
they took precautions not to get caught. Of great concern are the
frequent references to law enforcement and national security
computer systems.
B. _Specific Examples of Items Recovered from Each Defendant_

A brief review of some of the evidence recovered from each of
the defendants' residences during the July 21, 1989, searches will
shed further light on the criminal nature of their conduct. Please
bear in mind, however, that what follows is a description of only
a very small portion of the immense amount of material recovered
from each defendant.
1. _ADAM E. Grant_
--Hundreds of telephone numbers, connect addresses,
logins/passwords, and loops for various Bell

- 8 -

computer systems.

-- Files on how to hack voice mail, how to hack Bell
company passwords, war dialing programs, time bombs,
Georgia Tech computer accounts.

-- Articles and tutorials on a number of topics. The
articles outline information about a topic, while
tutorials outline how-to steps to accomplish
specific objectives (e.g., stealing access codes).
Grant had articles and tutorials on hacking into the
telephone system, building blue boxes (i.e., devices
that simulate computer tones and allow free
telephone access), using "loops," using Telenet,
getting "root" access to BellSouth systems, (i.e.,
free run of the system), planting "trojan horses"
into UNIX (a trojan horse is essentially a time lapsed
computer program and UNIX is the computer system
used by BellSouth). Some article/tutorials titles
include "Building Blue Boxes," "How to Rip off Pay
Stations," "Hacking Telco Outside Plant," "Hacking
Satellite Transponders," Defeating the Total
Network," "UNIX Security Issues," and "UNIX for the
Educated" by Urvile.

-- One article specifically addressed malicious damage
to and slowing down of a UNIX system. This article
is noteworthy because it includes details on how to
bring a central office of the telephone system "to
its knees" by inserting a program to continually
make directories on a disk until the switch (i.e.,
BellSouth office computer that routes phone calls)
runs out of disk space.

-- Three letters to Grant from Georgia Tech complaining
about his abuse of the system. The letters,
attached as _Exhibit C_, indicate that Georgia Tech
was very concerned about Grant's abuses of their
system.

-- Credit Bureau report on Bruce Dalrymple. Grant
tutored the former Georgia Tech basketball star and
broke into the Credit Bureau to get Dalrymple's
credit history. Grant and the other defendants
essentially had the power to review millions of
citizens' credit histories by breaking into Credit
Bureaus.

-- Numerous phone numbers of military installations.

-- Detailed information on LMOS, the system through
which Darden and Grant tapped into other parties'

- 9 -


computer systems.


-- AT&T Mail access numbers.

-- MCI credit card access numbers.

-- Telenet system addresses.

-- List of user accounts on the Georgia Tech computer
system.

2. _FRANKLIN E. DARDEN

-- Hundreds of telephone numbers, connect addresses,
logins/passwords, and loops for various Bell
computer systems.

-- Files on Secret Service interrogation methods,
computer-related laws/arrests, methods to defraud
long distance carriers, and social engineering
(getting information by pretending to work for the
phone company).

-- Articles and tutorials on blue and silver boxing,
hacking voice mail systems, tapping a neighbors'
phone, blue boxing, "military boxing" installing
small transmitters on neighbors' terminal boxes.
Titles of some of the articles included "How to Make
Flash Bombs," "Hacking Voice Mail Systems," Hacking
the Hewlett-Packard 3000 Computer," and "Art of Blue
Box Construction."

-- Extensive information on LMOS, including tutorials
and handwritten notes concerning illegally wire
tapping telephone lines.

-- Sprint codes and Telenet addresses and passwords.

-- Unauthorized Credit Bureau reports on other
individuals stolen from CBI.

-- Information on credit card fraud using Western
Union. Interestingly, the John Doe mentioned above
spoke with Darden many times concerning computer
information and ultimately devised a credit card
fraud scheme using Western Union Wires.

-- A listing of credit card fraud laws in Michigan.

- 10 -

-- UNIX tutorial by The Urvile.

3. _ROBERT RIGGS_

-- Hundreds of telephone numbers, connect addresses,
logins/passwords, and loops for various Bell
computer systems.

-- File on "netcatch.c" a program designed to
eavesdrop on computer-to-computer communications.

-- Articles and tutorials concerning hacking passwords,
understanding telephone security systems, and
understanding voicemail systems. The articles
tutorial titles included "Hacking COSMOS Part 2,"
"BellSouth's central System for Main Frame
Operations," "MVS from the Ground Up" by Riggs, and
"UNIX Use and Security from the Ground Up" by Riggs.

-- The E911 file. This file which is the subject of
the Chicago indictment, is noteworthy because it
contains the program for the emergency 911 dialing
system. As the court knows, any damage to that very
sensitive system could result in a dangerous
breakdown in police, fire, and ambulance services.
The evidence indicates that Riggs stole the E911
program from BellSouth's centralized automation
system, AIMSX. Riggs also managed to get "root"
privileges to the system (i.e., free run of the
system). Bob Kibler of BellSouth Security estimates
the value of the E911 file, based on R&D costs, is
$24,639.05.

-- Handwritten note listing Riggs' top three goals:
"Learn LMOS" %the system connected to monitoring
phone lines%; "Learn PREDICTOR" %the BellSouth
mechanized system concerning maintenance of
telephone systems outside of the main office%; and
%Learn C Programming" %computer programming%.

-- Sprint access information

-- Password hacking programs.

-- Urvile's COSNIX tutorial (a how-to lesson relating
to breaking into a BellSouth system).

All three defendants obviously stored significant amounts of
information in their home relating to illegal activities. In

- 11 -

fairness to defendant Riggs, however, the Court should know that
Rigs had less evidence of illegal activity than Grant and Darden.
Apparently, defendant Riggs temporarily ceased illegal computer
activities after his computer fraud conviction in North Carolina
and parted company with some of his records. Eventually, however,
he again started to break into the BellSouth computer systems. By
the time of the search on July 21, 1989, rant, Darden and Riggs
were breaking into bellSouth computer systems and other computer
systems at will and were routinely downloading information.

III. _DEFENDANTS' PRIOR CONDUCT_

All of the defendants have been "hacking" for several years.
Defendant Riggs, however, is the only one with a prior conviction.
That conviction is described in _Government Exhibit D_ (filed
separately).

IV. _DEFENDANT'S COOPERATION AND THE GOVERNMENT'S RECOMMENDATION
OF A DOWNWARD DEPARTURE_

All three defendants have provided significant cooperation
that has fueled further investigation into the activities of a
number of computer hackers around the country. In light of the
substantial assistance each defendant has provided, as described
below, the government movees for this Court to make a downward
departure pursuant to S.G. 5K1 in the amount of three levels for
defendants Grant and Darden and two levels for defendant Riggs.

A. _Cooperation of Adam E. Grant_

1. July 21, 1989 - After the search of his residence,
Grant gave a statement to the United States Secret Service. He was

- 12 -

not forthcoming and generally denied any wrongdoing. By the time
he pled guilty, however, Grant had realized the severity of the
crime and was very forthcoming with helpful information.

2. July 16, 1990 - Grant spent approximately 2-3 hours
meeting with Assistant United States Attorneys from Chicago
regarding the Craig Neidorf Case. Grand provided valuable
information to assist in the prosecution of the case. Grant agreed
to testify, though when the prosecutors called him at the last
minute to fly to Chicago, he declined because of his school
schedule. Ultimately, the Chicago office did not need him to
testify.

3. August 9, 1990 - Grant met with a number of Secret
Service agents and representatives of BellSouth to discuss all
aspects of the investigation in Atlanta and divulge information
about other members of the Legion of Doom. The meeting lasted more
than 8 hours and Grant provided a substantial amount of helpful
information. Special Agent William Gleason says that Grant was
very cooperative.

4. October 8, 1990 through October 10, 1990 - Grant
traveled to Detroit, Michigan to meet with investigators and a
prosecutor there regarding the investigation of a fellow Legion of
Doom member. While there, he testified before the grand jury.
According to Assistant United States Attorney David Debold, Grant
was cooperative.

5. October 12, 1990 - Grant met for approximately 4
hours with BellSouth security officers. He discussed a number of

- 13 -

matters, including what he believed could be future hacking efforts
against BellSouth and measures BellSouth should take to protect
their system.

- 14 -

B. _Cooperation of Franklin E. Darden, Jr._

1. July 21, 1989 - After the search of his residence,
Darden provided a very detailed statement to the United States
Secret Service describing his activities and the activities of the
Legion of Doom. Based in part on that statement, the Secret
Service and BellSouth were able to further their investigation into
the identities and illegal acts of other members of the Legion of
Doom.

2. July 24, and July 28 - Darden volunteered to
meet and did meet with the Secret Service and the undersigned
counsel and thoroughly answered all questions posed to him.
Particularly in the early stages of cooperation, Darden provided
more helpful information than any defendant.

3. July 1990 - Darden traveled to Chicago and spent
three days waiting to testify and occasionally meeting with
Assistant United States Attorneys. The Chicago authorities called
him one morning during work, and Darden flew to Chicago by that
evening. Although Darden did not have to testify, he was ready and
willing to do so. Also, he had met with the Chicago prosecutors
a week or so earlier in Atlanta.

4. August 7, 1990 - Darden met in the Atlanta field
office of the Secret Service with Secret Service agents, BellSouth
representatives and other investigators. The meeting lasted most
of the day. According to Special Agent William Gleason,Darden was
very forthcoming and provided valuable leads for other cases.
5. October 1990 - Darden traveled to Detroit Michigan

- 15 -

to meet with investigators and the prosecutors there regarding the
investigation of a fellow Legion of Doom Member. He also testified
before the grand jury. According to Assistant United States
Attorney David Debold, Darden was very cooperative and offered
evidence that will be very useful in prosecuting the Detroit
hacker.

C. _Cooperation of Robert J. Riggs_

1. July 21, 1989 - After the search of his residence,
defendant Riggs provided a very detailed statement to the United
States Secret Service describing his activities and the activities
of the Legion of Doom. Based in part on that statement, the Secret
Service and BellSouth were able to further their investigation into
the identities and illegal acts of other members of the Legion of
Doom.

2. May 23, 1990 - Defendant Riggs met with Chicago
Assistant United States Attorneys and the undersigned counsel to
discuss the case generally and the activities of other Legion of
Doom members. Mr. Riggs provided helpful leads in pursuing other
hackers.


3. July 17, 1990 - Riggs met again with two Assistant
United States Attorneys from Chicago who were in Atlanta and spent
several hours discussing the prosecution of Craig Neidorf and
related computer hacker matters. The prosecutors found Mr. Riggs'
statements very helpful.

4. July 1990 - Riggs traveled to Chicago and was there
for several days before his testimony in that case. The testimony

- 16 -

was somewhat helpful, though the prosecutors felt defendant Riggs
was holding back and not being as open as he had been in the
earlier meeting.

5. August 8, 1990 - Riggs met in the Atlanta field
office of the Secret Service agents, BellSouth representatives, and
other investigators from around the country. The meeting lasted
roughly 5 hours. According to Special Agent William Gleason, Riggs
was less forthcoming than either Darden or Grant and seemed to have
more of a problem recalling details. He did, however, provide some
helpful information.


6. October 13, 1990 - Riggs traveled to Detroit,
Michigan to meet with investigators and the prosecutor there
regarding the activities of a fellow member of the Legion of Doom.
He also testified before the grand jury. According to Assistant
United States Attorney David Debold, Riggs was helpful, but Mr.
Debold had a difficult time prying information from Riggs without
asking very specific questions. Mr. Debold said he did not know
whether Riggs was evasive or simply quiet.

Defendant Riggs strikes the undersigned counsel as an
unusually quiet and pensive person. Throughout the investigation,
he has been cooperative, but because of his nature, he sometimes
comes across as uninterested and evasive. The bottom line is that
he provided helpful information that furthered several
investigations around the country, though his assistance was not
as substantial as that of Grant and Darden; hence the
recommendation of only a two-level departure.

- 17 -

V. _DEFENDANTS' MOTIVATION_

All three defendants belonged to the self-proclaimed elite
group of hackers called Legion of Doom. As described in _Exhibit_
_A_, 15 members of this group lived in cities throughout the country
and used personal computers and modems to break into a host of
other computer systems. Their main motivation: To obtain power
through information and intimidation. Basically, they wanted to
own "Ma Bell."

In their quest for power, the defendants and other LOD members
in the group fixated on the telephone industry for two reasons.
First, the telephone industry has one of the most complicated and
challenging computer systems in the world. Second, telephones link
all computers throughout the world to each other and a mastery of
the telephone system would allow the defendants to break into
computer systems virtually anywhere. The defendants and other LOD
members engaged in an arcane game of technological one-upmanship.
Whoever could break into the most systems and steal the most
information would be considered the superior hacker. For instance,
LOD members were designated at certain levels (e.g., The Urvile,
Level 8) to reflect their degree of expertise.

Once the defendants figured out how to master a computer
system, they would often assert their bragging rights by
documenting their methods of break-ins and sharing the information
with hackers around the country. Although each defendant claims
to have carefully restricted access to the information, there could
be no realistic safeguards. From the start, the information was

- 18 -

stolen and, by definition, no longer safeguarded. Moreover, the
defendants commonly made the information available to all hackers
who happened to access the computer bulletin board service they
were using. A case in point is John Doe of Indiana who stole the
approximately $10,000 by using information provided by the
defendants.

In essence, stolen information equalled power, and by that
definition, all three defendants were becoming frighteningly
powerful.

VI. _THE GOVERNMENT'S RECOMMENDATION AND THE NEED TO SEND A MESSAGE_
_TO THE COMMUNITY_

Computer hackers around the country are closely following the
outcome of this case in light of the probated sentence of the last
federally prosecuted adult criminal hacker, Rober Morris, Jr.
Any sentence that does not include incarceration would send the
wrong message to the hacking community; that is, that breaking into
computer systems and stealing information is not really a crime.

As the Court may recall, Mr. Morris created a computer virus
which began multiplying out of control and infected hundreds of
computers around the country. The case garnered national attention
because it was one of the first computer fraud prosecutions to
focus the public's eye on the very real dangers of computer
hacking.

Computer bulletin board services (BBS's) around the country
were buzzing about the _Morris_ case. For instance, two printout
pages of one BBS, filed separately as _Government Exhibit E_, will

- 19 -

give the Court an idea of how closely hackers follow these matters.
A hacker named The Mentor noted that if Morris was sentenced to do
time, "it'll be a *very* bad precedent." Another hacker, Eric
Bloodaxe, responded "Hell, maybe it IS time to start doing all the
terrible things I always had the capabilities to do..." A hacker
named Ravage commented that he heard the prosecution had had a hard
time showing Morris' malicious intent and noted that if that was
true, "I doubt he will get any time. Probably a fine, community
service, or probated time." The Urvile (the hacker name used by
defendant Grant) aid, "The virus will hurt us (the hacking
community) a tremendous among in the future." He went on to say
that "even if the courts are lax on him (orris), which is the only
silver lining i can think of, then security on all systems is going
to increase. we don't need that. not one bit."

The government does not have ready access to any printouts
from BBS's following the Morris sentencing, thought hackers and
computer experts recall general hacker jubilation when the judge
imposed a probated sentence. Clearly, the sentence had little
effect on defendants Grant, Riggs, and Darden.

The undersigned counsel met with each of the three defendants,
and all three have been very cooperative and remorseful. The
defendants, however, have literally caused BellSouth millions of
dollars in expenses by their actions. Moreover, they knew
throughout their hacking activities that they were engaging in
illegal conduct as they broke into untold numbers of telephone and
non-telephone computer systems. Because of that conduct and the

- 20 -

message that the hackers around the country need to hear, the
government strongly urges this Court to include incarceration as
part of the sentence. The government will make a more specific
recommendation at the time of sentencing.


Respectfully submitted,

JOE D. WHITLEY
UNITED STATES ATTORNEY


KENT B. ALEXANDER
ASSISTANT UNITED STATES ATTORNEY
1800 United States Courthouse
75 Spring Street, S.W.
Atlanta, Georgia 30335

Georgia Bar No. 008893


- 21 -

********************************************************************

------------------------------

**END OF CuD #2.16**
********************************************************************




← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT