
Clifford Stoll – An astronomy professor who stopped a hacker

In 1986, Cliff Stoll was an Astronomy Professor at Berkeley. When a computer administrator was on leave, Cliff was in charge of the systems. He found a 75 cent accounting error and started tracking it down. He eventually exposed a Soviet Bloc hacker who was stealing US Military secrets. His book, The Cuckoo’s Egg, details the security issues that allowed the hacker to penetrate some of the most secure systems. The problem is that these vulnerabilities still exist today.

Cliff Stoll strikes me as a guy who lives at the tails of bell curves. He is highly intelligent and can think outside the box. He also took a highly complex topic and turned it into a novel that just about anyone can read and understand. One of his hobbies is Klein Bottles. They are one-dimensional bottles that can hold water.

At the time of the incident, digital forensics really didn’t exist. Stoll’s brilliance was shown in a number of ways.

(note – the au files linked below will download)

 

When he discovered a .75 cent discrepancy, he did not simply ignore it. He followed up doggedly. When Cliff called the FBI and told them there was a computer breach, they asked how much money was lost. When he told them .75 cents, they told him to get lost.

(from https://town.hall.org/radio/University/Stoll/)

Cliff and 75 Cents
Let the bastard in
Cliff talks with the NSA

 

He did not shut the hacker out of the system. In his own words, he “..let the bastard in”. Listen at cliff04 (from https://town.hall.org/radio/University/Stoll/cliff04.html)

He then went to the NSA and ran into another brick wall. Cliff Stoll talks with the NSA (from https://town.hall.org/radio/University/Stoll/cliff04.html)

Now, picture a Berkeley hippie-type professor going to the FBI and telling them about classified systems that he was watching the hacker access.

Stoll wrote a book called “The Cuckoo’s Egg” that details how he tracked the hacker. It is written like a novel, not a technical book. He discussed some of the methods that the hacker used to access the Berkeley systems and other systems. Unfortunately, these techniques still work today:

  • Exploit unpatched systems. I don’t know how many systems I have come across where they are running operating systems and software that are not patched. Unpatched systems allow hackers to use known exploits to gain access.
  • Social Engineering – The hacker would contact people and get passwords using ruses. Yep, phishing has been around for a long time.
  • Weak or default passwords – This is obvious, but consider that the recent Equifax hack was made possible in part by the use of a default admin/admin id/pw.

Unfortunately, users and administrators have not learned the lessons that have been obvious since the mid-1980s. For about 25 years, I taught computer science classes ranging from 100 to 500 level classes. Whenever possible, I made Stoll’s book mandatory reading.

What makes Stoll amazing is that the majority of people never would have seen that there was a problem, much less spent the effort to track it down and come to a resolution.

 

 

 

 
