Markus Hess
Encyclopedia
Markus Hess, a German
citizen, is best known for his endeavours as a hacker
in the late 1980s. Hess was recruited by the KGB
to be an international spy with the objective of securing U.S. military information for the Soviets.
, an astronomer
turned systems administrator of the computer center of the Lawrence Berkeley Laboratory (LBL) in California
. Stoll's first job duty was to track an accounting error in the LBL system. Early in his investigation, Stoll determined that the LBL computer system was compromised and that the hacker had obtained "root
" or systems privileges. Such a security compromise was more important than the accounting error. Stoll eventually determined how the hacker broke in and identified the hacker's activities on the system. LBL management considered attempting to seal off the system from this hacker, but Stoll and his colleagues convinced LBL's management that this would not be effective. Ultimately, they installed a honeypot
to ensnare the hacker.
in Germany
through the German Datex-P network via satellite link or transatlantic cable
to the Tymnet
International Gateway. Tymnet was a "gateway" service that a user called into that routed him to any one of a number of computer systems that also used the service. Tymnet was one of a number of services available that provided local telephone numbers, where directly accessing the computer would have been a long distance call
. Users normally used packet switching
services like Tymnet for their lower costs. Once he accessed Tymnet, Hess branched out to the Jet Propulsion Laboratory
in Pasadena, California
and to the Tymnet Switching System. It was through this switching system that he accessed the LBL computers.
Hess was able to attack 400 U.S. military computers by using LBL to "piggyback
" to ARPANET
and MILNET
. ARPANET was a civilian wide area network
created by the Department of Defense
which would later become what is now known as the Internet
. MILNET was its military counterpart.
. Because the call came from Oakland rather than Berkeley
, it was obvious that the hacker was not working locally. Tymnet officials helped LBL trace the various calls even though the hacker attempted to conceal their origin. Enlisting the aid of AT&T
and the FBI, Stoll eventually determined that the calls were being "piggybacked" across the United States but originating from Hanover
, Germany.
Stoll trapped Hess by creating records of a bogus military project conducted on LBL computers (according to The Cuckoo's Egg, he and his partner conceived this plan while showering, giving it the unofficial name of 'Operation Showerhead'). While the bogus information was convincing, the primary goal was simply to keep the hacker connected long enough to trace his connection, with the hope that the hacker might send a written request for further information listed as available in hard copy format. This simple technique worked. A request was received from a Pittsburgh address requesting the additional information.
At the time, this type of hacking was new and it was a considerable challenge to get the cooperation of the FBI and the West German government. Eventually, the German authorities were able to break in and arrest Hess. Hess went to trial in 1990 and Stoll testified against him. Hess was found guilty of espionage
and was sentenced to a one to three year prison sentence. He was eventually released on probation.
and a book for the general public,
The Cuckoo's Egg
.
The Cuckoo's Egg was adapted into a 1990 Nova
episode, "The KGB, The Computer, and Me".
In 1996 Ian Probert wrote a short book The Internet Incident, which was also published under the title The Internet Spy. The book was based on Hess's life with a fictitious unnamed child as the story’s narrator.
During 2007, March The Second, an independent short film directed by Kyle van Tonder, was produced. The film was based on the book The Internet Incident with Shannon Mayne (playing the part of the hacker) and Christoff Pienaar (playing the part of the child narrator, Timothy).
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...
citizen, is best known for his endeavours as a hacker
Hacker (computer security)
In computer security and everyday language, a hacker is someone who breaks into computers and computer networks. Hackers may be motivated by a multitude of reasons, including profit, protest, or because of the challenge...
in the late 1980s. Hess was recruited by the KGB
KGB
The KGB was the commonly used acronym for the . It was the national security agency of the Soviet Union from 1954 until 1991, and was the premier internal security, intelligence, and secret police organization during that time.The State Security Agency of the Republic of Belarus currently uses the...
to be an international spy with the objective of securing U.S. military information for the Soviets.
Lawrence Berkeley Laboratory
Hess's hacking activities were discovered by Clifford StollClifford Stoll
*High-Tech Heretic: Reflections of a Computer Contrarian, Clifford Stoll, 2000, ISBN 0-385-48976-5.-External links:* at Berkeley's Open Computing Facility**, December 3, 1989* copy at Electronic Frontier Foundation, May 1988...
, an astronomer
Astronomer
An astronomer is a scientist who studies celestial bodies such as planets, stars and galaxies.Historically, astronomy was more concerned with the classification and description of phenomena in the sky, while astrophysics attempted to explain these phenomena and the differences between them using...
turned systems administrator of the computer center of the Lawrence Berkeley Laboratory (LBL) in California
California
California is a state located on the West Coast of the United States. It is by far the most populous U.S. state, and the third-largest by land area...
. Stoll's first job duty was to track an accounting error in the LBL system. Early in his investigation, Stoll determined that the LBL computer system was compromised and that the hacker had obtained "root
Superuser
On many computer operating systems, the superuser is a special user account used for system administration. Depending on the operating system, the actual name of this account might be: root, administrator or supervisor....
" or systems privileges. Such a security compromise was more important than the accounting error. Stoll eventually determined how the hacker broke in and identified the hacker's activities on the system. LBL management considered attempting to seal off the system from this hacker, but Stoll and his colleagues convinced LBL's management that this would not be effective. Ultimately, they installed a honeypot
Honeypot (computing)
In computer terminology, a honeypot is a trap set to detect, deflect, or in some manner counteract attempts at unauthorized use of information systems...
to ensnare the hacker.
Getting in
Hess's initial activities started at the University of BremenUniversity of Bremen
The University of Bremen is a university of approximately 23,500 people from 126 countries that are studying, teaching, researching, and working in Bremen, Germany...
in Germany
Germany
Germany , officially the Federal Republic of Germany , is a federal parliamentary republic in Europe. The country consists of 16 states while the capital and largest city is Berlin. Germany covers an area of 357,021 km2 and has a largely temperate seasonal climate...
through the German Datex-P network via satellite link or transatlantic cable
Transatlantic cable
Transatlantic cable may refer to:* Transatlantic telegraph cable* Transatlantic telephone cable* Other transatlantic submarine communications cable...
to the Tymnet
Tymnet
Tymnet was an international data communications network headquartered in San Jose, California that used virtual call packet switched technology and X.25, SNA/SDLC, ASCII and BSC interfaces to connect host computers at thousands of large companies, educational institutions, and government agencies....
International Gateway. Tymnet was a "gateway" service that a user called into that routed him to any one of a number of computer systems that also used the service. Tymnet was one of a number of services available that provided local telephone numbers, where directly accessing the computer would have been a long distance call
Long Distance Call
"Long Distance Call" is an episode of the American television anthology series The Twilight Zone.-Synopsis:A boy communicates with his father's European-immigrant mother, who had recently died, using a toy telephone that she gave him on his birthday before her passing. The boy, Billy, runs out in...
. Users normally used packet switching
Packet switching
Packet switching is a digital networking communications method that groups all transmitted data – regardless of content, type, or structure – into suitably sized blocks, called packets. Packet switching features delivery of variable-bit-rate data streams over a shared network...
services like Tymnet for their lower costs. Once he accessed Tymnet, Hess branched out to the Jet Propulsion Laboratory
Jet Propulsion Laboratory
Jet Propulsion Laboratory is a federally funded research and development center and NASA field center located in the San Gabriel Valley area of Los Angeles County, California, United States. The facility is headquartered in the city of Pasadena on the border of La Cañada Flintridge and Pasadena...
in Pasadena, California
Pasadena, California
Pasadena is a city in Los Angeles County, California, United States. Although famous for hosting the annual Rose Bowl football game and Tournament of Roses Parade, Pasadena is the home to many scientific and cultural institutions, including the California Institute of Technology , the Jet...
and to the Tymnet Switching System. It was through this switching system that he accessed the LBL computers.
Hess was able to attack 400 U.S. military computers by using LBL to "piggyback
Piggybacking (security)
In security, piggybacking refers to when a person tags along with another person who is authorized to gain entry into a restricted area, or pass a certain checkpoint. The act may be legal or illegal, authorized or unauthorized, depending on the circumstances...
" to ARPANET
ARPANET
The Advanced Research Projects Agency Network , was the world's first operational packet switching network and the core network of a set that came to compose the global Internet...
and MILNET
MILNET
In computer networking, MILNET was the name given to the part of the ARPANET internetwork designated for unclassified United States Department of Defense traffic....
. ARPANET was a civilian wide area network
Wide area network
A wide area network is a telecommunication network that covers a broad area . Business and government entities utilize WANs to relay data among employees, clients, buyers, and suppliers from various geographical locations...
created by the Department of Defense
United States Department of Defense
The United States Department of Defense is the U.S...
which would later become what is now known as the Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...
. MILNET was its military counterpart.
Targets
The facilities that Hess hacked into included:- SRI InternationalSRI InternationalSRI International , founded as Stanford Research Institute, is one of the world's largest contract research institutes. Based in Menlo Park, California, the trustees of Stanford University established it in 1946 as a center of innovation to support economic development in the region. It was later...
- Menlo Park, CaliforniaMenlo Park, CaliforniaMenlo Park, California is a city at the eastern edge of San Mateo County, in the San Francisco Bay Area of California, in the United States. It is bordered by San Francisco Bay on the north and east; East Palo Alto, Palo Alto, and Stanford to the south; Atherton, North Fair Oaks, and Redwood City... - U.S. ArmyUnited States ArmyThe United States Army is the main branch of the United States Armed Forces responsible for land-based military operations. It is the largest and oldest established branch of the U.S. military, and is one of seven U.S. uniformed services...
Darcom - Seckenheim, West GermanyWest GermanyWest Germany is the common English, but not official, name for the Federal Republic of Germany or FRG in the period between its creation in May 1949 to German reunification on 3 October 1990.... - Fort BucknerFort BucknerFort Buckner is a small Army base located directly next to Camp Foster on Okinawa, Japan. The 58th Signal Battalion and E Co. of the 53rd Signal Battalion are the only units on the fort...
, Camp FosterCamp FosterCamp Foster, formerly known as Camp Zukeran, is a United States Marine Corps camp located in Ginowan City on the Japanese prefecture island of Okinawa. It is part of the Marine Corps Base Camp Smedley D. Butler complex, and named after the Medal of Honor recipient PFC William A...
- Okinawa, Japan - U.S. Army 24th Infantry - Fort Stewart, Georgia
- U.S. NavyUnited States NavyThe United States Navy is the naval warfare service branch of the United States Armed Forces and one of the seven uniformed services of the United States. The U.S. Navy is the largest in the world; its battle fleet tonnage is greater than that of the next 13 largest navies combined. The U.S...
Coastal Systems Computer - Panama City, FloridaPanama City, Florida-Personal income:The median income for a household in the city was $31,572, and the median income for a family was $40,890. Males had a median income of $30,401 versus $21,431 for females. The per capita income for the city was $17,830... - U.S. Air ForceUnited States Air ForceThe United States Air Force is the aerial warfare service branch of the United States Armed Forces and one of the American uniformed services. Initially part of the United States Army, the USAF was formed as a separate branch of the military on September 18, 1947 under the National Security Act of...
- Ramstein Air BaseRamstein Air BaseRamstein Air Base is a United States Air Force base in the German state of Rheinland-Pfalz. It serves as headquarters for the United States Air Forces in Europe and is also a North Atlantic Treaty Organization installation...
, West GermanyWest GermanyWest Germany is the common English, but not official, name for the Federal Republic of Germany or FRG in the period between its creation in May 1949 to German reunification on 3 October 1990.... - MIT MX Computer, Cambridge, MassachusettsCambridge, MassachusettsCambridge is a city in Middlesex County, Massachusetts, United States, in the Greater Boston area. It was named in honor of the University of Cambridge in England, an important center of the Puritan theology embraced by the town's founders. Cambridge is home to two of the world's most prominent...
- OPTIMIS Database - The PentagonThe PentagonThe Pentagon is the headquarters of the United States Department of Defense, located in Arlington County, Virginia. As a symbol of the U.S. military, "the Pentagon" is often used metonymically to refer to the Department of Defense rather than the building itself.Designed by the American architect...
- United States Air Force Systems CommandAir Force Systems CommandAir Force Systems Command is a former United States Air Force command. Its headquarters was located at Andrews Air Force Base, Maryland...
- El Segundo, CaliforniaEl Segundo, CaliforniaEl Segundo is a city in Los Angeles County, California, United States. Located on the Santa Monica Bay, it was incorporated on January 18, 1917, and is one of the Beach Cities of Los Angeles County and part of the South Bay Cities Council of Governments... - Anniston Army DepotAnniston Army DepotAnniston Army Depot is a major United States Army facility fulfilling various depot operations. Primary missions are the repair of tracked vehicles and storage of chemical weapons . The depot is located in Bynum, Alabama....
- Anniston, AlabamaAnniston, AlabamaAnniston is a city in Calhoun County in the state of Alabama, United States.As of the 2000 census, the population of the city is 24,276. According to the 2005 U.S. Census estimates, the city had a population of 23,741...
Tracking Hess and his capture
Stoll, with the help of local authorities, traced the call to Tymnet switch in Oakland, CaliforniaOakland, California
Oakland is a major West Coast port city on San Francisco Bay in the U.S. state of California. It is the eighth-largest city in the state with a 2010 population of 390,724...
. Because the call came from Oakland rather than Berkeley
Berkeley, California
Berkeley is a city on the east shore of the San Francisco Bay in Northern California, United States. Its neighbors to the south are the cities of Oakland and Emeryville. To the north is the city of Albany and the unincorporated community of Kensington...
, it was obvious that the hacker was not working locally. Tymnet officials helped LBL trace the various calls even though the hacker attempted to conceal their origin. Enlisting the aid of AT&T
AT&T
AT&T Inc. is an American multinational telecommunications corporation headquartered in Whitacre Tower, Dallas, Texas, United States. It is the largest provider of mobile telephony and fixed telephony in the United States, and is also a provider of broadband and subscription television services...
and the FBI, Stoll eventually determined that the calls were being "piggybacked" across the United States but originating from Hanover
Hanover
Hanover or Hannover, on the river Leine, is the capital of the federal state of Lower Saxony , Germany and was once by personal union the family seat of the Hanoverian Kings of Great Britain, under their title as the dukes of Brunswick-Lüneburg...
, Germany.
Stoll trapped Hess by creating records of a bogus military project conducted on LBL computers (according to The Cuckoo's Egg, he and his partner conceived this plan while showering, giving it the unofficial name of 'Operation Showerhead'). While the bogus information was convincing, the primary goal was simply to keep the hacker connected long enough to trace his connection, with the hope that the hacker might send a written request for further information listed as available in hard copy format. This simple technique worked. A request was received from a Pittsburgh address requesting the additional information.
At the time, this type of hacking was new and it was a considerable challenge to get the cooperation of the FBI and the West German government. Eventually, the German authorities were able to break in and arrest Hess. Hess went to trial in 1990 and Stoll testified against him. Hess was found guilty of espionage
Espionage
Espionage or spying involves an individual obtaining information that is considered secret or confidential without the permission of the holder of the information. Espionage is inherently clandestine, lest the legitimate holder of the information change plans or take other countermeasures once it...
and was sentenced to a one to three year prison sentence. He was eventually released on probation.
Literature and films
After Hess's capture, Stoll wrote about his efforts to track and locate Hess in a technical paper, Stalking the Wily Hacker,and a book for the general public,
The Cuckoo's Egg
The Cuckoo's Egg (book)
The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage is a 1989 book written by Clifford Stoll. It is his first-person account of the hunt for a computer cracker who broke into a computer at the Lawrence Berkeley National Laboratory .-Summary:Clifford Stoll managed some...
.
The Cuckoo's Egg was adapted into a 1990 Nova
NOVA (TV series)
Nova is a popular science television series from the U.S. produced by WGBH Boston. It can be seen on the Public Broadcasting Service in the United States, and in more than 100 other countries...
episode, "The KGB, The Computer, and Me".
In 1996 Ian Probert wrote a short book The Internet Incident, which was also published under the title The Internet Spy. The book was based on Hess's life with a fictitious unnamed child as the story’s narrator.
During 2007, March The Second, an independent short film directed by Kyle van Tonder, was produced. The film was based on the book The Internet Incident with Shannon Mayne (playing the part of the hacker) and Christoff Pienaar (playing the part of the child narrator, Timothy).