Operation Sundevil was a 1990 nationwide United States Secret Service crackdown on "illegal computer hacking activities." It involved raids in approximately fifteen different cities and resulted in three arrests and the confiscation of computers, the contents of electronic bulletin board systems (BBSes), and floppy disks. It was revealed in a press release on May 9, 1990. The arrests and subsequent court cases resulted in the creation of the Electronic Frontier Foundation. The operation is now seen as largely a public-relations stunt[ citation needed ]. Operation Sundevil has also been viewed as one of the preliminary attacks on the Legion of Doom and similar hacking groups. [1] The raid on Steve Jackson Games, which led to the court case Steve Jackson Games, Inc. v. United States Secret Service , is often attributed to Operation Sundevil, but the Electronic Frontier Foundation states that it is unrelated and cites this attribution as a media error. [2] [3]
The name comes from the Sun Devil Stadium of Arizona State University, near the local Secret Service headquarters from where the investigation and raids were coordinated. [4]
Prior to 1990, people who manipulated telecommunication systems, known as phreakers, were generally not prosecuted within the United States. The majority of phreakers used software to obtain calling card numbers and built simple tone devices in order to make free telephone calls. A small elite, highly technical segment of phreakers were more interested in information about the inner workings of the telecommunication system than in making free phone calls. Phone companies complained of financial losses from phreaking activities. [5] The switch from analog to digital equipment began to expose more of the inner workings of telephone companies as hackers began to explore the switches and trunks. Due to a lack of laws and expertise on the part of American law enforcement, few cases against hackers were prosecuted until Operation Sundevil. [4]
However, starting in 1989, the US Secret Service (USSS), which had been given authority from Congress to deal with access device fraud as an extension of wire fraud investigations under Title 18 (§ 1029), began to investigate. Over the course of the 18-month-long investigation, the USSS gathered alleged evidence of rampant credit card and calling card fraud over state lines. [6]
Operation Sundevil allowed multiple federal law enforcement agencies, particularly the Secret Service and the FBI, to gain valuable expertise on fighting this new form of criminal activity as well as expanding the agencies' budgets. New laws were created to allow federal prosecutors to charge individuals accused of phreaking, hacking, wire, and credit card fraud. Evidence gained from Operation Sundevil allowed law enforcement to convince the United States Congress of the need for additional funding, training, and overall expansion. [4]
Along with the Chicago Task Force and the Arizona Organized Crime and Racketeering Bureau, the operation involved raids in Austin, Plano, Cincinnati, Detroit, Los Angeles, Miami, New York, Newark, Phoenix, Pittsburgh, Richmond, Tucson, San Diego, San Jose, San Francisco, and Seattle. The raids were centered in Arizona, where the press conference occurred. [6]
Raids generally took place in middle-class suburbs and targeted credit card thieves and telephone abusers. [7] They were carried out by local police, with the aid of over 150 Secret Service agents, FBI and CIA. [4] Twenty-seven search warrants, resulting in three arrests, were issued and executed on May 7 and 8, 1990. [8] Police also took around 42 computers and approximately 25 BBSes, including some of the most infamous and elite hacking BBSs in the world at that time, such as Cloud Nine. This was the largest crackdown on electronic bulletin boards in world history. Finally, about 23,000 floppy disks were also seized. These held a variety of data, including software, phreaking and hacking tools, tens of thousands of credit card details, and a plethora of illegal copyrighted material. The three people arrested were "Tony the Trashman," "Dr. Ripco," and "Electra." [4]
Other parts of the operation targeted the underground ezine Phrack , which had published the contents of a proprietary text file copied from BellSouth computers and containing information about the E911 emergency response system, although this was later made null in a court case in which it was proven that the same information about the E911 system was also provided to the public through a mail-order catalog. [5]
In a press release on May 9, 1990, officials from the federal government and the Arizona state government revealed that the Secret Service was involved in the investigation. The Assistant Director of the US Secret Service, Garry M. Jenkins, commented in a press release that, "the Secret Service is sending a clear message to those computer hackers who have decided to violate the laws of this nation in the mistaken belief that they can successfully avoid detection by hiding behind the relative anonymity of their computer terminals." [5]
Two public-access computer systems were shut down in the days following the operation: an AT&T Unix system in Dallas, Texas sdf and a Jolnet system in Lockport, Illinois. Neither has been linked to the operation, however. An AT&T spokesman claimed the shutdown was a result of an internal investigation and was not related to the operation. [8]
In response to the arrests, the Electronic Frontier Foundation was founded by Mitchell Kapor, the founder of Lotus Development Corporation, and John Perry Barlow, an author. [9] The foundation hired lawyers to represent the hackers in two of the cases arising from Operation Sundevil. [10]
Operation Sundevil was the most publicized action by the federal government against hackers. [4] In part due to this, it has been seen as a public-relations stunt and a message to hackers. While it did little overall damage to the hacking community in the long run, it did stop the illicit hacking activities of many of the best hackers in the world for a short period of time, which is why it has been lauded as a tactical success due to the surprise and damage it caused to the communities in comparison to the long wars waged against the Legion of Doom. [4] However, it has also been criticized as a failure due to several unsuccessful prosecutions, and a number of raids not even leading to arrest. [11]
Steve Jackson Games (SJGames) is a game company, founded in 1980 by Steve Jackson, that creates and publishes role-playing, board, and card games, and the gaming magazine Pyramid.
Phrack is an e-zine written by and for hackers, first published November 17, 1985. Described by Fyodor as "the best, and by far the longest running hacker zine," the magazine is open for contributions by anyone who desires to publish remarkable works or express original ideas on the topics of interest. It has a wide circulation which includes both hackers and computer security professionals.
2600: The Hacker Quarterly is an American seasonal publication of technical information and articles, many of which are written and submitted by the readership, on a variety of subjects including hacking, telephone switching systems, Internet protocols and services, as well as general news concerning the computer "underground."
The United States Secret Service is a federal law enforcement agency under the Department of Homeland Security charged with conducting criminal investigations and protecting U.S. political leaders, their families, and visiting heads of state or government. Until 2003, the Secret Service was part of the Department of the Treasury, as the agency was founded in 1865 to combat the then-widespread counterfeiting of U.S. currency.
Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. The term phreak is a sensational spelling of the word freak with the ph- from phone, and may also refer to the use of various audio frequencies to manipulate a phone system. Phreak, phreaker, or phone phreak are names used for and by individuals who participate in phreaking.
Loyd Blankenship, better known by his pseudonym The Mentor, is a well-known computer hacker and writer. He has been active since the 1970s, when he was a member of the hacker groups Extasyy Elite and Legion of Doom.
Bryan Clough is an English writer.
Chris Goggans, who used the name Erik Bloodaxe in honor of the Viking king Eric I of Norway, is an American hacker, founding member of the Legion of Doom group, and a former editor of Phrack magazine. Loyd Blankenship, aka The Mentor, described Goggans/Bloodaxe as "the best hacker I ever met".
The Hacker Crackdown: Law and Disorder on the Electronic Frontier is a work of nonfiction by Bruce Sterling first published in 1992.
Steve Jackson Games, Inc. v. United States Secret Service, 816 F. Supp. 432, was a lawsuit arising from a 1990 raid by the United States Secret Service on the headquarters of Steve Jackson Games (SJG) in Austin, Texas. The raid, along with the Secret Service's unrelated Operation Sundevil, was influential in the founding of the Electronic Frontier Foundation.
The Internet has a long history of turbulent relations, major maliciously designed disruptions, and other conflicts. This is a list of known and documented Internet, Usenet, virtual community and World Wide Web related conflicts, and of conflicts that touch on both offline and online worlds with possibly wider reaching implications.
Michael Wayne Godwin is an American attorney and author. He was the first staff counsel of the Electronic Frontier Foundation (EFF), and he created the Internet adage Godwin's law and the notion of an Internet meme, as reported in the October 1994 issue of Wired. From July 2007 to October 2010, he was general counsel for the Wikimedia Foundation. In March 2011, he was elected to the Open Source Initiative board. Godwin has served as a contributing editor of Reason magazine since 1994. In April 2019, he was elected to the Internet Society board. From 2015 to 2020, he was general counsel and director of innovation policy at the R Street Institute. In August 2020, he and the Blackstone Law Group filed a lawsuit against the Trump administration on behalf of the employees of TikTok.
The Electronic Frontier Foundation (EFF) is an international non-profit digital rights group based in San Francisco, California. The foundation was formed on 10 July 1990 by John Gilmore, John Perry Barlow and Mitch Kapor to promote Internet civil liberties.
Leonard Rose, aka Terminus, is an American hacker who in 1991 accepted a plea bargain that convicted him of two counts of wire fraud stemming from publishing an article in Phrack magazine.
Albert Gonzalez is an American computer hacker and computer criminal who is accused of masterminding the combined credit card theft and subsequent reselling of more than 170 million card and ATM numbers from 2005 to 2007: the biggest such fraud in history. Gonzalez and his accomplices used SQL injection to deploy backdoors on several corporate systems in order to launch packet sniffing attacks which allowed him to steal computer data from internal corporate networks. During his spree, he was said to have thrown himself a $75,000 birthday party and complained about having to count $340,000 by hand after his currency-counting machine broke. Gonzalez stayed at lavish hotels but his formal homes were modest.
Patrick Karel Kroupa is an American writer, hacker and activist. Kroupa was a member of the Legion of Doom and Cult of the Dead Cow hacker groups and co-founded MindVox in 1991, with Bruce Fancher. He was a heroin addict from age 14 to 30 and got clean through the use of the hallucinogenic drug ibogaine.
Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.
Carding is a term describing the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.