HISTORY: The 75-cent Clue….
Meet Stoll & Olson
Phone Bill Problem
Even before the vast proliferation of the personal computer, it took a 75-cent accounting error to foreshadow the imminent and global cybersecurity threat of today (Denning, 2017). An innocuous system administrator, Cliff Stoll, at Lawrence Berkeley Laboratory in California, noted in 1989 a modest phone billing error that would highlight the dangers of the growing interconnection of computers and networks in the dawn of the Information Age (Stoll, 2005). Stoll’s forensic activities, working with the Federal Bureau of Investigation (FBI) and the DOD, identified early cyber-espionage activities targeted against the U.S.
While this might not have been the first cyberattack of the Information Age, it is considered a quintessential historical point where the reality of cyber-espionage became more publicly known due to Stoll’s dedicated technical efforts (Maloney, 2017). Stoll’s detective work highlighted the harmful side of the Internet to support illegal activities in a newly ever-connected cyberspace environment (Chesney, 2015; Clarke & Knacke, 2014).
Stoll’s (2005) book, The Cuckoo’s Egg, pinpoints the earliest recorded presence of cyber-threats (Chesney, 2015). Stoll identifies the nature of poorly defended IT environments that pervade even to today. “The security weaknesses of both systems and networks, particularly the needless vulnerability due to sloppy systems management and administration, result in a surprising success rate for unsophisticated attacks” (p. 337). The problem of poorly overseen and monitored IT environments is not a new problem. Weak situational awareness and access to threat intelligence have existed since the beginnings of the Information Age.
Stoll (2005) did not suggest in his book that this early activity as cyberespionage; however, he alludes to an Eastern European and Soviet Union nexus of interest based upon his analysis of this long-running cyber-attack that is the background of his book and its story (Stoll, 2005);“[e]ven more important to the KGB [Soviet Union-era Spy Agency] was obtaining research data about Western technology, including integrated circuit design, computer-aided manufacturing, and, especially, operating system software that was under U.S. export control” (p. 367). Unauthorized access to sensitive U.S. data during the early days of the Internet was a lucrative target by nation-state actions even before the pervasive and ubiquitous nature of modern home computing and connectivity.
We Are Anonymous
Consideration should also be given to the less-organized, but certainly highly capable cyber-threats of the general cyber-hacking community (Olson, 2012). Global hackers have little nationalistic motivation or commitment to any specific nation but too remain a constant threat. While China, Russia, and Iran can be devastating nation-state actors, the vast numbers of less-organized black hat hackers [bad hackers] should not be ignored or forgotten (Allyn, 2019; Olson, 2012; Starr, 2015; Stoll, 2005).
Olson’s (2012) book, Anonymous, captures and describes the early exploits of the decentralized cyber-group known as Anonymous and the dangers they pose. One example occurred in 2011 against an individual and his company, Mr. Aaron Barr. Mr. Barr, a former U.S. Navy signals intelligence officer, began working as a consultant for HBGary Inc., a security consulting firm focused on the concerns of computer protection and security (Olson, 2012). To actively launch his career in the private sector, he began to venture into the world of the dark web Internet chatrooms and the amorphous entity of hackers known as Anonymous. Barr was able to assemble an extensive report outlining the major Anonymous players, their activities, and locations. He was able to identify physical locations and true names of certain Anonymous members based upon his technical knowledge and analysis (Olson, 2012).
Subsequently, Mr. Barr’s report was published by the Financial Times of London. The FBI also noted Mr. Barr’s report in the Financial Times and approached him for more details of his findings (Olson, 2012). The FBI was very involved and interested in early cyber-espionage activities focused against the U.S. Barr’s work would assist them in a growing area of concern of national security protection measures to include the threats from cyberspace (Olson, 2012). The publication of his findings appeared as a likely career success story for Mr. Barr; however, it was short-lived.
Barr’s international publication did not go unnoticed by members of Anonymous with concerns about its legal implications; Barr’s efforts posed a direct threat to their group and drew a quick response by a subgroup of Anonymous members known as LulzSec; “in their homes and time zones around the world, [Anonymous/ LulzSec] got ready to pounce” (p. 19). They did not appreciate the possibility that their fellow hackers might be led off in handcuffs—to include themselves (Olson, 2012).
LulzSec members focused their attention on Mr. Barr, his company, and his personal life. They were able to penetrate his company servers with hacking exploits and immediately began disassembling his life and career (Olson, 2012). LulzSec and other Anonymous elements started sharing his personal information to its community to include his Social Security Number, his phone numbers, and home address; Barr had become an individual target of the infamous group, but certainly not the last (Olson, 2012). Anonymous and LulzSec appeared true to their haunting motto: “We are Anonymous/ We are Legion/ We do not forgive/ We do not forget/ Expect us” (p. 7).
The history of the cyber-threat is an ongoing story with changing targets, complexities, and responses (Clarke & Knacke, 2014; Kaplan, 2016; Starr, 2015; Stoll, 2005). Cyber-threats appeared even before the pervasiveness of the home computer. The threats are both highly structured, such as the nation-state attackers, and unstructured rogue cyber-attackers from the spotty assaults of what is characterized widely as Anonymous. It is because of these threats that there is a constant demand for serious means and methods to better identify and stop these attacks against national and global IT infrastructures.
References
Allyn, B. (2019, August 20). 22 Texas towns hit with ransomware attack in ‘new front’ of cyberassault. National Public Radio. Retrieved from https://www.npr.org/2019/08/20/752695554/23-texas-towns-hit-with-ransomware-attack-in-new-front-of-cyberassault
Chesney, R. (2015, October 13). Cybersecurity in 1989: Looking back at Cliff Stoll’s classic The Cuckoo’s Egg [Blog post]. Lawfare. Retrieved from https://www.lawfareblog.com/cybersecurity-1989-looking-back-cliff-stolls-classic-cuckoos-egg
Clarke, R. A., & Knake, R. K. (2014). Cyber war. New York, NY: Harper Collins.
Denning, D. (2017, August 18). Tracing the sources of today’s Russian cyberthreat. Scientific America. Retrieved from https://www.scientificamerican.com/article/tracing-the-sources-of-today-rsquo-s-russian-cyberthreat/
Kaplan, F. (2016). Dark territory: The secret history of cyber war. New York, NY: Simon & Schuster.
Olson, P. (2012). We are anonymous: Inside the hacker world of LulzSec, Anonymous, and the global cyber insurgency. New York, NY: Little, Brown, and Company.
Starr, B. (2015, July 31). Military still dealing with cyberattack ‘mess.’ CNN. Retrieved from https://www.cnn.com/2015/07/31/politics/defense-department-computer-intrusion-email-server/index.html
Stoll, C. (2005). The cuckoo’s egg: Tracking a spy through the maze of computer espionage. New York, NY: Simon and Schuster.
Stoll, C. (1988, May). Stalking the wily hacker. Communication of the ACM, 31(5), 484–497. Retrieved from http://mars.umhb.edu/~wgt/cisc4370/wilyhacker.pdf
Ms. Columbus has worked in the Intelligence Community (IC) for over 20 years. She retired from the US Air Force in 2014 after working as a Senior Advisor providing authoritative advice on all aspects of Cyberspace operations, force structure and organizational concepts. She oversaw strategic support activities to enable the right mix of cyber capabilities for future operations.
