== Phrack Inc. == Volume Three, Issue Thirty-five, File 5 of 13 ______________________________________________________________ || || || Don't let THIS happen to you! || || || || __________ || || Heh | |/No life, no future... || || /Heh! | 0 H S L Q I F X || || O | --|-- || || --|-- | / \ || || / \ | / \ || || / \____|____ E N _ R _ P M E N _ || || Dale ^ || || Drew | || || Will this be YOU?! || ||______________________________________________________________|| The following is a reprint of the article "Sting Operations" from the book _Dedicated Computer Crime Units_ (pages 101-103) written by J. Thomas McEwen for the U.S. Department of Justice and published in June 1989. If you would like to get your own FREE copy of this book, or its companion books: - Organizing for Computer Crime Investigation and Prosecution - Electronic Fund Transfer and Crime - Electronic Fund Transfer Fraud you can contact: U.S. Department of Justice Office of Justice Programs National Institute of Justice Washington, D.C. 20531 (301)251-5500 (800)851-3420 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - S T I N G O P E R A T I O N S ~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~ Will *YOU* Be The Next Victim?! Transcribed by Sovereign Immunity ELECTRONIC BULLETIN BOARDS An electronic bulletin board allows for the storage of information which can be retrieved by other systems calling into the board. It is essentially a database maintained by a system that is accessible by others over telephone lines. Most bulletin boards have been created for specific purposes, usually for the exchange of messages and information among parties with common interests. For example, members of computer clubs maintain bulletin boards for communicating with each other between meetings. Bulletin boards are especially popular among microcomputer users. Establishment of a bulletin board is facilitated by programs that can be purchased or obtained from public domain software. With one of these programs, a user can establish tailored menus for anyone dialing into the board. These menus will usually contain options on information about the board, bulletins, news summaries, personal mail, conferences, and leaving messages. In addition, most bulletin boards have different levels of access to restrict users from certain parts of the board. The bulletin board owner, usually called the System Operator (SYSOP), personally establishes the authorized access levels for each user and enters this information into the system. Access is determined by having a user provide their name and password when signing on to the system. A telephone line into the system is the only other requirement for establishing a board on a microcomputer. Access to bulletin boards generally operates along the following lines: - A user dials into the bulletin board. - The board responds with a message asking for the person's name and password. - The board then provides a menu showing the options available to the user. - The user selects an option and starts interacting with the system. - During a session, a user typically may read messages, leave messages, download files, upload files, or join a conference. - The user eventually "quits" the session and hangs up from the board. While most bulletin boards have been established for legitimate purposes, there are also "pirate" or "elite" boards that contain illegal information or have been established to advance an illegal activity. Security on those boards is tightly controlled by the owners. With these bulletin boards, users usually have to contact the owner directly to obtain a password for access to different levels of the system. A degree of trust must therefore be established before the owner will allow access to the board, and the owners develop "power" over who can use the system. Pirate boards have been found with a variety of illegal information on them including the following: - Stolen credit card account numbers - Long distance telephone service codes - Telephone numbers to mainframe computers, including passwords and account numbers - Procedures for making illegal drugs - Procedures for making car bombs - Hacking programs - Tips on how to break into computer systems - Schematics for electronic boxes (e.g., black box) These boards obviously are a threat to communities, and their existence has gained the attention of some police departments. STING OPERATIONS WITH BULLETIN BOARDS The experiences of the Maricopa County, Arizona, Sheriff's Department and the Fremont, California, Police Department are very instructive on how local departments can establish their own bulletin boards and become part of the network with other boards. Members of the Maricopa County Sheriff's Department were the first in the country to establish such a board. Their board resulted in over 50 arrests with the usual charge being telecommunications fraud. In September, 1985, the Fremont Police Department established a bulletin board for the primary purpose of gathering intelligence on hackers and phreakers in the area. The operation was partially funded by VISA, Inc. with additional support from Wells Fargo Bank, Western Union, Sprint, MCI, and ITT. After establishing their bulletin board, they advertised it on other boards as the newest "phreak board" in the area. Within the first four days, over 300 calls were received on the board. During the next three months, the board logged over 2,500 calls from 130 regular users. Through the bulletin board, they persuaded these groups that they had stolen or hacked long-distance telephone service codes and credit account numbers. They were readily accepted and were allowed access to pirate boards in the area. The board was operated for a total of three months. During that period, over 300 stolen credit card numbers and long-distance telephone service codes were recovered. Passwords to many government, educational, and corporate computers were also discovered on other boards. The operation resulted in the apprehension of eight teenagers in the area who were charged with trafficking in stolen credit card accounts, trafficking in stolen long-distance telephone service codes, and possession of stolen property. Within the next week, seven more teenagers in California and other states were arrested on information from this operation. It was established that this group had been illegally accessing between ten and fifteen businesses and institutions in California. They were regularly bypassing the security of these systems with stolen phone numbers and access codes. One victim company estimated that it intended to spend $10,000 to improve its security and data integrity procedures. Other victimized businesses were proceeding along the same lines. CONCLUSIONS There are several reasons for conducting Sting operations of this type. One of the most important is that it provides a proactive method of identifying hackers and phreakers in the area. These groups are particularly hard to find since they operate in closed circles with personal networks developed from friendships. Another byproduct of these operations is the publicity surrounding the cases. Sting operations result in considerable amount of attention from the media. The publicity has the effect of closing down other pirate boards in the area. One of the greatest fears of these offenders in that their systems will be taken, and in the Fremont operation over $12,000 of computer equipment was seized. The publicity associated with these seizures seems to be the primary reason for others to stop their pirate boards. These operations also lead to other types of offenses. In Fremont, for example, drug and alcohol cases were developed as a result of the Sting operation. This has been typical of these operations. The Sting operations with bulletin boards have been criticized because teenagers, rather than hardened criminals, are arrested. Many hackers believe that they have a right to the data in other systems and that their activities are not illegal since the companies can afford the losses. On the other hand, as one investigator observed, the hackers of today may be the sophisticated computer criminals of tomorrow. It is therefore important to set a lesson early in their careers steering them away from these offenses. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - RESPONSE FROM A MEMBER OF THE HACKER COMMUNITY: Now lets take a look at this article and the ignorant author J. Thomas McEwen. "Pirate boards have been found with a variety of illegal information on them..." The author names: "Telephone numbers to mainframe computers" -- There is nothing illegal in having the telephone number to a mainframe computer. It is illegal to access a computer without authorization. "Procedures for making illegal drugs" -- It is NOT illegal to know how to manufacture illegal drugs, only to actually manufacture or use them. "Procedures for making car bombs" -- It is NOT illegal to know how to manufacture car bombs, only to actually manufacture or use them. "Hacking programs" -- Indeed most security companies, private security consultants, or mainframe owners and operators use these to test their systems very often. It would only be illegal to use one on a machine that you are not authorized to use it on. "Tips on how to break into computer systems" -- Again, it is NOT illegal to know how to break into a computer... although for a change, according to a section of the Computer Fraud & Abuse Act of 1986 (Federal Law), it would be illegal to traffic in passwords, codes, and theoretically any instructions that would be the equivalent of passwords or codes for the unauthorized entry into computer systems. "Schematics for electronic boxes (e.g., black box)" -- This is getting boring. It is NOT illegal to know how to build these devices, only the actual construction or use of them is illegal. "These boards obviously are a threat to communities, and their existence has gained the attention of some police departments." How are they obviously a threat? The author would like us to believe that if the information on how to make telephone devices, explosives, or narcotics is available on bulletin boards, this is enough to make them a threat to communities. What he ignores is that the same information can be found in public and university libraries, text books, and technical journals; He ignores that the mere possession of information on how a crime MIGHT be committed is NOT a crime; and finally, He fails to recognize any First Amendment rights whatsoever of computer bulletin boards to have all such information to begin with. "It is therefore important to set a lesson early in the careers steering them away from these offenses." Of course an arrest for some minor computer mischief is not going to be great resume material when these teenagers start applying for jobs, even though the establishment has inspired within them the socially acceptable goal of conforming to society's expectations. CONCLUSIONS The author, J. Thomas McEwen, does not know much about freedom of speech and for that matter, he does not know much about the law. He does know a lot about how to sensationalize very benign conduct into dangerous conspiracy. Perhaps he is close friends with Geraldo Rivera. Bulletin board operators and users take note of the law and your rights. Don't let yourself get taken in by Sting boards or ignorant law enforcement officers looking for some gratification on the job since they aren't getting it at home. S o v e r e i g n I m m u n i t y - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Editor's Comments by: Dispater Sting boards have been a popular topic in Phrack and Phrack World News over the years. In this file, Sovereign Immunity, showed us an excerpt that discussed a Sting bulletin board in Fremont, California. As it turns out, Knight Lightning had some material about this way back in Phrack World News Issue 3 (which actually appeared in Phrack Issue 4). The article was titled "Phoenix Phortress Stings 7." There have also been many other articles in Phrack World News about sting operations and bulletin boards. Additionally, Phrack Issues 21-23 each carried one part of Knight Lightning's "Vicious Circle" Trilogy. The first two parts of which ("Shadows Of A Future Past" and "The Judas Contract") contained a lot of material about sting boards and informants. Although Phrack has not presented material concerning Sting boards in Maricopa County, Arizona, there was discussion about a bulletin board (The Dark Side) in Arizona (602) run by "The Dictator" (Dale Drew) as a sting operation revealed in Computer Underground Digest 3.02 and recently we heard that he was back in action under the name "Blind Faith." Dispater _______________________________________________________________________________ Downloaded From P-80 International Information Systems 304-744-2253 12yrs+