Markus Hess

Last updated
Markus Hess
Born (1960-01-01) January 1, 1960 (age 64)
Germany
Nationality German
Occupation Programmer
Known for Computer security hacking

Markus Hess is a German hacker who was active in the 1980s. Alongside Dirk Brzezinski and Peter Carl, Hess hacked into networks of military and industrial computers based in the United States, Europe and East Asia, and sold the information to the Soviet KGB for US$54,000. [1] During his time working for the KGB, Hess is estimated to have broken into 400 U.S. military computers. [2] The hacked material included "sensitive semiconductor, satellite, space, and aircraft technologies". [3]

Contents

Lawrence Berkeley Laboratory

Hess's hacking activities were discovered in 1986 by Clifford Stoll, an astronomer turned system administrator of the computer center of the Lawrence Berkeley Laboratory (LBL) in California. Stoll's first job duty was to track a 75-cent accounting error in the LBL system. [4] Early in his investigation, Stoll discovered that the LBL computer system was compromised and that the hacker had obtained root, or system privileges. Such a security compromise was more important than the accounting error. Stoll eventually discovered how the hacker broke in and identified the hacker's activities on the system. LBL management considered attempting to seal off the system from this hacker, but Stoll and his colleagues convinced LBL's management that this would not be effective. Ultimately, they installed a honeypot to ensnare the hacker. [5] [6]

Getting in

Hess' initial activities started at the University of Bremen in Germany through the German Datex-P network via satellite link or transatlantic cable to the Tymnet International Gateway. [7] Tymnet was a "gateway" service that a user called into that routed them to any one of a number of computer systems that also used the service. Tymnet was one of a number of services available that provided local telephone numbers, where directly accessing the computer would have been a long-distance call. Users normally used packet switching services like Tymnet for their lower costs. Once he accessed Tymnet, Hess branched out to the Jet Propulsion Laboratory in Pasadena, California, and to the Tymnet Switching System. It was through this switching system that he accessed the LBL computers. [8]

Hess was able to attack 400 U.S. military computers by using LBL to "piggyback" to ARPANET and MILNET. [9] ARPANET was a civilian wide area network created by the Department of Defense, which would later become what is now known as the Internet. MILNET was its military counterpart.

Targets

The facilities that Hess breached included: [10]

Tracking Hess and his capture

Stoll, with the help of local authorities, traced the call to a Tymnet switch in Oakland, California. Because the call came from Oakland rather than Berkeley, it was obvious that the hacker was not working local to the university. Tymnet officials helped LBL trace the various calls, even though the hacker attempted to conceal their origin. Enlisting the aid of AT&T and the Federal Bureau of Investigation (FBI), Stoll eventually determined that the calls were being "piggybacked" across the United States, but originating from Hanover, Germany. [11]

Stoll trapped Hess by creating records of a bogus military project conducted on LBL computers; according to The Cuckoo's Egg , he and his girlfriend conceived this plan while showering, giving it the unofficial name of "Operation Showerhead". While the bogus information was convincing, the primary goal was simply to keep the hacker connected long enough to trace his connection, and with the hope that the hacker might send a written request for further information listed as available in hard copy. This simple technique worked: a request for the additional information was received from a Pittsburgh, Pennsylvania address. [12]

At the time, this type of hacking was unheard of, and it was a considerable challenge to get the cooperation of the FBI and the West German government. Eventually, the West German authorities were able to break in and arrest Hess. Hess went to trial in 1990, and Stoll testified against him. Hess was found guilty of espionage and was given a 20-month suspended sentence. [13] [14]

Literature and films

After Hess's capture, Stoll wrote about his efforts to track and locate Hess in a technical paper "Stalking the Wily Hacker" for the journal Communications of the ACM [15] and a book The Cuckoo's Egg [12] for the general public. The Cuckoo's Egg was adapted into a 1990 Nova episode "The KGB, The Computer, and Me". [16]

" 23 ", a semi-fictional 1998 German movie about the incident, merges Hess with another hacker into a single character, David.[ citation needed ]

See also

Related Research Articles

The Association for Computing Machinery (ACM) is a US-based international learned society for computing. It was founded in 1947 and is the world's largest scientific and educational computing society. The ACM is a non-profit professional membership group, reporting nearly 110,000 student and professional members as of 2022. Its headquarters are in New York City.

<span class="mw-page-title-main">Hacker</span> Person skilled in information technology

A hacker is a person skilled in information technology who achieves goals by non-standard means. Though the term hacker has become associated in popular culture with a security hacker – someone with knowledge of bugs or exploits to break into computer systems and access data which would otherwise be inaccessible to them – hacking can also be utilized by legitimate figures in legal situations. For example, law enforcement agencies sometimes use hacking techniques to collect evidence on criminals and other malicious actors. This could include using anonymity tools to mask their identities online and pose as criminals. Likewise, covert world agencies can employ hacking techniques in the legal conduct of their work. Hacking and cyber-attacks are used extra-legally and illegally by law enforcement and security agencies, and employed by state actors as a weapon of legal and illegal warfare.

<span class="mw-page-title-main">Turing Award</span> American annual computer science prize

The ACM A. M. Turing Award is an annual prize given by the Association for Computing Machinery (ACM) for contributions of lasting and major technical importance to computer science. It is generally recognized as the highest distinction in computer science and is often referred to as the "Nobel Prize of Computing".

The Morris worm or Internet worm of November 2, 1988, is one of the oldest computer worms distributed via the Internet, and the first to gain significant mainstream media attention. It resulted in the first felony conviction in the US under the 1986 Computer Fraud and Abuse Act. It was written by a graduate student at Cornell University, Robert Tappan Morris, and launched on 8:30 pm November 2, 1988, from the Massachusetts Institute of Technology network.

<span class="mw-page-title-main">Karl Koch (hacker)</span> German hacker (1965-c. 1989)

Karl Werner Lothar Koch was a German hacker in the 1980s, who called himself "hagbard", after Hagbard Celine. He was involved in a Cold War computer espionage incident.

<span class="mw-page-title-main">Robert Tappan Morris</span> American computer scientist; creator of Morris Worm; associate professor at MIT

Robert Tappan Morris is an American computer scientist and entrepreneur. He is best known for creating the Morris worm in 1988, considered the first computer worm on the Internet.

<span class="mw-page-title-main">ARPANET</span> Early packet switching network (1969–1990), one of the first to implement TCP/IP

The Advanced Research Projects Agency Network (ARPANET) was the first wide-area packet-switched network with distributed control and one of the first computer networks to implement the TCP/IP protocol suite. Both technologies became the technical foundation of the Internet. The ARPANET was established by the Advanced Research Projects Agency (ARPA) of the United States Department of Defense.

Communications of the ACM is the monthly journal of the Association for Computing Machinery (ACM). It was established in 1958, with Saul Rosen as its first managing editor. It is sent to all ACM members. Articles are intended for readers with backgrounds in all areas of computer science and information systems. The focus is on the practical implications of advances in information technology and associated management issues; ACM also publishes a variety of more theoretical journals. The magazine straddles the boundary of a science magazine, trade magazine, and a scientific journal. While the content is subject to peer review, the articles published are often summaries of research that may also be published elsewhere. Material published must be accessible and relevant to a broad readership.

<span class="mw-page-title-main">Alan Perlis</span> American computer scientist (1922–1990)

Alan Jay Perlis was an American computer scientist and professor at Purdue University, Carnegie Mellon University and Yale University. He is best known for his pioneering work in programming languages and was the first recipient of the Turing Award.

<span class="mw-page-title-main">Paul Mockapetris</span> American computer scientist and Internet pioneer

Paul V. Mockapetris is an American computer scientist and Internet pioneer, who invented the Internet Domain Name System (DNS).

The Computer Science Network (CSNET) was a computer network that began operation in 1981 in the United States. Its purpose was to extend networking benefits, for computer science departments at academic and research institutions that could not be directly connected to ARPANET, due to funding or authorization limitations. It played a significant role in spreading awareness of, and access to, national networking and was a major milestone on the path to development of the global Internet. CSNET was funded by the National Science Foundation for an initial three-year period from 1981 to 1984.

<i>23</i> (film) 1998 German drama thriller film by Hans-Christian Schmid

23, original German title: 23 – Nichts ist so wie es scheint is a 1998 German drama thriller film about young hacker Karl Koch, who died on 23 May 1989, a presumed suicide. It was directed by Hans-Christian Schmid, who also participated in screenwriting. The title derives from the protagonist's obsession with the number 23, a phenomenon often described as apophenia. Although the film was well received by critics and audiences, its accuracy has been vocally disputed by some witnesses to the real-life events on which it was based. Schmid subsequently co-authored a book that tells the story of the making of 23 and also details the differences between the movie and the actual main events.

<i>The Cuckoos Egg</i> (book) 1989 book by Clifford Stoll

The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll. It is his first-person account of the hunt for a computer hacker who broke into a computer at the Lawrence Berkeley National Laboratory (LBNL).

Clifford Paul "Cliff" Stoll is an American astronomer, author and teacher.

<span class="mw-page-title-main">Peter J. Denning</span> American computer scientist and writer

Peter James Denning is an American computer scientist and writer. He is best known for pioneering work in virtual memory, especially for inventing the working-set model for program behavior, which addressed thrashing in operating systems and became the reference standard for all memory management policies. He is also known for his works on principles of operating systems, operational analysis of queueing network systems, design and implementation of CSNET, the ACM digital library, and codifying the great principles of computing. He has written numerous influential articles and books, including an overview of fundamental computer science principles, computational thinking, and his thoughts on innovation as a set of learnable practices.

<span class="mw-page-title-main">Dorothy E. Denning</span> American information security researcher

Dorothy Elizabeth Denning is a US-American information security researcher known for lattice-based access control (LBAC), intrusion detection systems (IDS), and other cyber security innovations. She published four books and over 200 articles. Inducted into the National Cyber Security Hall of Fame in 2012, she is now Emeritus Distinguished Professor of Defense Analysis, Naval Postgraduate School.

Peter A. Wegner was a professor of computer science at Brown University from 1969 to 1999. He made significant contributions to both the theory of object-oriented programming during the 1980s and to the relevance of the Church–Turing thesis for empirical aspects of computer science during the 1990s and present. In 2016, Wegner wrote a brief autobiography for Conduit, the annual Brown University Computer Science department magazine.

<span class="mw-page-title-main">Cuckoo's egg (metaphor)</span> Metaphor for brood parasitism

A cuckoo's egg is a metaphor for brood parasitism, where a parasitic bird deposits its egg into a host's nest, which then incubates and feeds the chick that hatches, even at the expense of its own offspring. That original biological meaning has been extended to other uses, including one which references spyware and other pieces of malware.

References

  1. "2 W. Germans Get Suspended Terms as Computer Spies". Los Angeles Times. Reuters. 16 February 1990. Retrieved 1 December 2015.
  2. Goodchild, Joan. "10 Infamous Hacks and Hackers". CIO. Archived from the original on 2018-02-20. Retrieved 2018-02-20.
  3. Piore, Adam (2012). "Digital Spies: The Alarming Rise of Electronic Espionage". Popular Mechanics. 189: 52.
  4. "The Spy Who Hacked Me". Infosecurity Magazine. 2011-10-31. Retrieved 2018-02-20.
  5. Ramirez, Jessica (8 March 2010). "The History of Computer Hacking". Newsweek. Retrieved 1 December 2015.
  6. "Astronomer Cliff Stoll Stars in the Espionage Game, but for Him Spying Doesn't Really Compute". PEOPLE.com. Retrieved 2018-02-20.
  7. Clifford Stoll (May 1988). "Stalking the Wily Hacker" (PDF). Communications of the ACM . Association for Computing Machinery. 31 (5): 487. doi:10.1145/42411.42412. S2CID   6956966.
  8. Clifford Stoll (May 1988). "Stalking the Wily Hacker" (PDF). Communications of the ACM . Association for Computing Machinery. 31 (5): 487. doi:10.1145/42411.42412. S2CID   6956966.
  9. Clifford Stoll (May 1988). "Stalking the Wily Hacker" (PDF). Communications of the ACM . Association for Computing Machinery. 31 (5): 486. doi:10.1145/42411.42412. S2CID   6956966.
  10. Kremen, Stanley H. (1998). "Apprehending The Computer Hacker: The Collection and Use of Evidence". Computer Forensics Online. Retrieved 1 December 2015.
  11. Markoff, John (1989-03-03). "West Germans Raid Spy Ring That Violated U.S. Computers". The New York Times. ISSN   0362-4331 . Retrieved 2018-02-20.
  12. 1 2 Clifford Stoll (1989). The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage . Doubleday. ISBN   0-385-24946-2.
  13. "Hackers Convicted of Selling Computer Codes to Soviets". Associated Press. 15 February 1990.
  14. "Hackers found guilty of selling computer codes". New Straits Times. 17 February 1990. Retrieved 1 December 2015.
  15. Clifford Stoll (May 1988). "Stalking the Wily Hacker" (PDF). Communications of the ACM . Association for Computing Machinery. 31 (5): 484–497. doi:10.1145/42411.42412. S2CID   6956966.
  16. "Stoll to star in Nova adaptation". Computerworld. 17 September 1990. Retrieved 1 December 2015.

Further reading

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.