Copyright © 1995 The New York Times Company
April 21, 1991
Beyond the reach of American law, a group of Dutch computer intruders have been openly defying United States military, space and intelligence authorities for almost six months. Recently they broke into a United States military computer while being filmed by a Dutch television station.
The intruders, working over local telephone lines that enable them to tap American computer networks at almost no cost, have not done serious damage, Federal investigators say. And they have not penetrated the most secure Government computer systems. But they have entered a wide range of computers, including those at the Kennedy Space Center, the Pentagon's Pacific Fleet Command, the Lawrence Livermore National Laboratory and Stanford University using an international computer network known as the Internet.
While the information on these systems is not classified, the computers store a great variety of material, including routine memorandums, unpublished reports and data from experiments. Federal officials said the group had tampered with some information stored on systems they have illegally entered.
United States Government officials said that they had been tracking the interlopers, but that no arrests had been made because there are no legal restrictions in the Netherlands barring unauthorized computer access. Telephone calls to Dutch Government officials in the Netherlands and the United States seeking comment were not returned.
"This has been a terrible problem," said Gail Thackeray, a former Arizona Assistant Attorney General who has prosecuted computer crimes. "Until recently there have been few countries that have computer crime laws. These countries are acting as hacker havens." Ms. Thackeray said that just as offshore banks in certain countries have traditionally protected financial privacy some countries protect intellectual property violations.
American law-enforcement officials said they believed there were three or four members of the Dutch group, but they would not release any names. A Dutch television news report in February showed a member of the group at the University of Utrecht reading information off a computer screen showing what he said was missile test information taken electronically from a United States military computer. His back was to the camera, and he was not named.
Most computer networks, American and foreign, are connected by a privately leased phone line. Computer users can use a modem to connect their personal computers to another computer that is in turn connected to a network. The Dutch group could have used a local network in the Netherlands to reach Internet.
Military and intelligence agencies physically separate classified computer networks from those used by businesses and researchers to protect the data from electronic forays. When classified information is transmitted over unprotected computer networks or telephone lines it is supposed to be specially coded.
American investigators said members of the Dutch group boasted that they could enter computers using international data networks with impunity. But some of the intruders have been identified, and a Federal official, who spoke on the condition of anonymity, said there were numerous other criminal offenses for which the intruders could be prosecuted in both the United States and the Netherlands. One possible charge might be telephone fraud.
But legal experts said that because there are no prohibitions against unauthorized computer entry in the Netherlands successfully prosecuting the group may still prove impossible.
The case is significant, legal experts said, because while the United States and many European countries have strict laws barring illegal access to computers there are many nations that have no computer crime laws. There is a proposed law before the Dutch Parliament that would make unauthorized computer access a crime. Also, a committee of the European Community is working to standardize computer crime laws within the community.
Computer networks are accessible from anywhere in the world via a telephone call. The Dutch group was detected last year after an unusually skilled United States Government computer researcher at a national laboratory tracked its every move using advanced computer security techniques. He notified Federal authorities of the break-ins.
The researcher has been able to make computer records of the intruders' keystrokes as they have electronically prowled through United States military, NASA, university and dozens of other computers. It has then been possible to play this information back and gain an exact picture of the computer screen as it appeared to the intruders in the Netherlands.
From 1986 to 1988 Clifford Stoll, an astronomer at Lawrence Berkeley Laboratories traced a similar group of West Germans, who were illegally entering United States computers and selling computer data and software to a Soviet intelligence officer. Mr. Stoll was able to persuade law-enforcement officials to locate the group in West Germany, and three arrests were made. A German court convicted the intruders, but gave them suspended sentences.
One computer expert who has watched the electronic recordings made of the activities of the Dutch group said they do not demonstrate any particularly unusual computer skills, but instead appear to have access to a compendium of documents that contain recipes for breaking computer security on many United States systems. These documents have been widely circulated on underground computer systems.
A computer industry executive, who spoke on the condition that he not be identified, said that he had seen several recordings of the break-in sessions and that one of the intruders used an account named "Adrian" to break in to computers at the Kennedy Space Center and the Pentagon's Commander in Chief of the Pacific.
"You could tell that the guy wasn't conversant with the computer he was on," the executive said. "It looked like he had a cookbook sitting next to him telling him what to do next at each step."
The tactics of the group are of particular interest to computer security experts because members have repeatedly used security loopholes demonstrated by a program written by Robert Tappan Morris, a Cornell University student, more than two years ago.
Last month a Federal appeals court upheld the conviction of Mr. Morris, who in 1988 unleashed a program that jammed several thousand computers in a nationwide network. He was fined $10,000 and ordered to perform 400 hours of community service.
The fact that the same security flaws can be used to illicitly enter computers several years after they were widely publicized indicates that many professional computer managers are still paying only minimal attention to protecting the security of the information contained on the computers they oversee, computer security researchers said.