A computer crimes increase, so does effort to stop them
On busy days, Rich Hurlocker's beeper goes off eight times.
It's his computer calling for help. Someone is trying to break into the network of his employer, Rocky Mountain College.
Hurlocker, RMC's system administrator, drops what he's doing and runs to a computer to check the activity. Usually it's just a novice hacker probing the university's computer network for a weak spot. "It' s like people going around and trying the doorknobs on your house," he said.
There has not been an actual network break-in at RMC for two years, but the doorknob turning is becoming more determined and Hurlocker has to work harder to keep the school safe from hackers.
"It's a constant battle," he said. "It's getting worse."
Silent but fierce skirmishes between hackers and computer network administrators take place every day in Billings. They're becoming more frequent. Federal prosecutors and computer experts talked about the problem last week during a seminar on computer privacy and policy at RMC.
"How many of you have been victims of an intrusion?" Assistant U.S. Attorney Jim Seykora asked the audience of about 60 computer professionals.
Nearly every hand was raised.
The stigma of being violated and the publicity of losing secure information keeps many from reporting computer crimes, Seykora said. This lack of punishment leads hackers to believe it' s OK to break into private systems. It becomes merely a game for bored computer users, many of whom are teen-agers.
Many of the intrusions are "pings" and "probes" that never get past the computer network' s security system, Seykora said. But, if intruders do get in, damage can easily be done. Files can be deleted or copied and private information shared.
The State of Montana's official Web site was penetrated by hackers about two weeks ago and defaced with Chinese slogans.
And a hacker recently defaced the Montana Bureau of Land Management Web site, Seykora said. Although damage in dollar amounts was relatively low, traffic was disrupted and any tampering with a federal network is a federal crime. FBI agents investigated the intrusion and traced the work to an 18-year-old Minneapolis man. A warrant was obtained and his computer confiscated. Further investigation revealed the man had cracked into 50 university Web sites and at least two other federal agency Web sites. Damage to some of the university sites reached $50,000, but no one had reported him.
Some businesses wait until they have been hacked 30 or 40 times before reporting the crime to authorities, said Joseph DeMarco, assistant U.S. attorney for the Southern District of New York. And an advisor to the U.S. attorney general.
Early capture saves a lot of headaches, DeMarco said.
"It's very difficult for us to catch a computer hacker if the victims won't come forward," DeMarco told the RMC audience. "Please give us a call, please give us any data you can. It may help us later on. "
Many times, the victims won't know the full extent of the damage done to a computer system until after the hacker is captured and his or her computer is examined.
"They can own your system and you will never even know it," DeMarco said.
Most hackers aren't hard-core criminals out to cripple the nation's computer systems. They're bored, but intelligent kids.
The most common attempt to intrude networks is done by "script kiddies," Hurlocker said, "looking to put a feather in their cap." These are generally younger computer users who do mischief using tools and recipes downloaded off the Internet. Some computer users bristle at the term "hacker," when it' s used to describe a criminal. A true hacker, according to a variety of Web sites on the topic, thinks exploring a private network is ethically OK so long as no theft, vandalism or secret files are shared.
Businesses don't make such distinctions.
When Avista Communications in Billings was "pinged" by "script kiddies," the FBI was called, said Dudley Leaphart, an Internet technician for the Spokane-based company.
A few years ago, Avista had a portion of a password file stolen. The FBI quickly traced the hack to a Billings high school student, who was attempting to breach the system so he could brag about it, Leaphart said.
"When the FBI knocked on his door, he changed his mind," he said.
The boy was not charged, but he was warned. Two weeks ago, Leaphart received an e-mail from the boy's mother. The former hacker is now in the military, she wrote, and is working as a computer security technician.
"That episode with the FBI turned his life around," Leaphart said.
James Hagengruber can be reached at (406) 657-1232 or at email@example.com