How a 75-cent error led to a true spy mystery

Computer lab

Who’s watching us? Do you ever wonder? Computer lab image courtesy of Ronnieb, Morguefile.

It’s often the tiniest of errors that trip up somebody who’s into no good.

Back in the mid-1980s, there was an astronomer called Cliff Stoll, who worked as a computer systems administrator at Lawrence Berkeley Lab in California. One day, his boss brought him a 75-cent accounting error and asked him to find out what caused it.

But this little error led to one mystery after another. The account’s user didn’t have a valid billing address.  Another account showed activity from someone other than the original owner of the account.

And the mysteries kept growing. Through patience, persistence and a lot of hard work, Cliff Stoll eventually determined that a foreign hacker was invading the security of U.S. computer systems and stealing sensitive military and security information.

It’s one of the first documented cases of digital forensics, and Cliff Stoll wrote a wonderful book about his experiences: The Cuckoo’s Egg: Tracking A Spy Through The Maze Of Computer Espionage. The book is an engaging mix of his life in the Berkeley area and his effort to catch the thief, who proved to be a German hacker called Markus Hess.

I love this book because it’s a funny mixture of Cliff’s home life (sneakers getting melted in the microwave!) as well as a good description of how the hacker was found and caught through a honeypot trap. Cliff explains technical information in layman’s terms, so it’s easy for even non-computer experts to understand.

I’ve been re-reading this book since I saw it in the library and haven’t read it in a while. It’s interesting to compare the differences in cyberspace since this book was originally published and what the Internet is today.

Cliff also faced some bureaucratic resistance when he tried to report the spying to the government. At the time, hacking wasn’t considered all that villainous and cyber crime was a new field. Some government agencies claimed that the activity wasn’t in their jurisdiction, but that’s changed now. Agencies such as the FBI and Interpol have divisions and programs dedicated to cybercrime.

This was the book that taught me some important bits of cyber security: E-mail is not private, passwords and usernames should not be given out in e-mail and passwords should be as secure as possible. Since this book was published a couple of decades ago, I think people are more security-minded but they still don’t pick passwords that are secure enough. (Here are 25 of the least secure passwords.)

But maybe in this age of social media, we’ve learned to make an intelligent compromise about what we reveal about ourselves online and what we should never say online. Blog readers, your thoughts?



Filed under Writing

24 responses to “How a 75-cent error led to a true spy mystery

  1. As a systems administrator from years ago, I find the whole subject of the spying vastly interesting. I will admit systems administrators can have a lot of power. It used to scare me what I could do if I had an inclination, and hey, the hacker is in all true techies, so I sometimes had a temptation. But there was something I could not do without someone observing closely, and that was dealing with unannounced products, i.e., unannounced software. I nor anyone else with full authority on the company systems was ever allowed to work alone with respect to unannounced products. This was an ironclad rule, and if you were found violating it, it could be immediate dismissal. I say all of this to make the point that I’m profoundly confused by the fact that Edward Snowden was working alone while overseeing state secrets. Shaking my head as I write this. When I read that in one of the reports on him, i wondered if what we were hearing was really what went on. It makes no sense unless our government and Booz, Allen are really that inept.

    Then again, I’m much less confused when I consider my uncle who worked for years in intelligence at the Pentagon and made the off-hand statement one time, “Do not believe what you read about covert operations. It will never be accurate.”

  2. One more thing. I am a longtime member of Internet Archive, and even with my background of understanding data proliferation via backups, I’ve been amazed at what can be unearthed. If people are wondering if they should say something online that may be a problem for them later, they need to probably refrain saying it. The Archive has lots of interesting snapshots and this is in addition to the caching done by search engines. Bottom line: it is difficult to completely scrub something from the Net unless you pay a lot of money or have a lot of clout to get it done. Mostly, people have to rely on others’ ignorance of how to dig something up in order for it to remain buried, but people are becoming more savvy about how to do this as time goes on.

  3. Great review, and I am checking this book out. Thanks, Dianne

  4. Interesting parallels. Book sound intriguing (the more things change, the more they are the same?)
    Once info is out there – it can’t be called back. Always good to remember.

  5. I was relieved to see that I don’t use popular passwords. Actually, in comparison, my passwords are really passwords. I am also amazed that Snowden believes what he is doing is right and has fled to countries that are even more censored and restrictive for refuge.

  6. Our common sense and our laws always seem to lag about a decade behind our capabilities and that’s definitely the case when it comes to privacy online. I think it will be sometime yet until we get it all sorted out. In the meantime, as is the case with all unknowns, it’s best to put caution first.

  7. That sounds like a genuinely interesting book. I will check it out. Thanks 🙂

  8. This was a great story!

    And I am delighted to see that, although I am a Michael, I am not stupid enough to make “Michael” my password.

  9. Come to my New Year’s Eve Party–you were a great support last year–I need you again this year!

  10. I wrote a blog recently about the secrets we don’t share on-line. It’s an interesting distinction, what we chose to share and what we don’t. Happy New Year, Editor!

  11. I wonder what the backlash will be when those quirky little college Facebook posts pop up in future senator smear campaigns–then again, as my son aptly said, “Everyone’s done something stupid, so it shouldn’t be a big deal when it comes back around.” It will be a wait and see, won’t it?

    • I think so. Although if somebody’s smart, they’d erase those posts off their Facebook before entering a campaign. I’ve heard of a case where someone was accepted to a college and then the acceptance was revoked because of what that person had put on their Facebook. Makes you think.


Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s