FBI lectures hackers at convention
By Adam Steinhauer, Sunday, July 28, 1996
Las Vegas Review-Journal and Las Vegas Sun, B1


   The Spot the Fed contest, held annually as part of the DefCon
Convention in Las Vegas, may not have been as challenging as usual this
year. Some of the FBI agents who showed up Saturday actually gave a
formal presentation.

   "There is a tremendous amount of talent and skill in this group here
today," FBI Special Agent Andrew Black told the largely tattooed,
long-haired and pierced group.

   He exhorted the mostly college-age men to use their computer skills
constructively. "It's very easy to be cynical of the government and to
be cynical of the American culture ... It's harder to build something
that lasts."

   Many attendees of the DefCon IV convention -- this weekend's annual
gathering of what is billed as "the computer underground" -- were more
likely to fear Black, part of the FBI's computer crime unit in San
Francisco, than to solicit him for advice. (Thus the annual contest with
T-shirts as prizes for conventiongoers who identify undercover agents
among them.)

   The security of computer networks, which the government and large
corporations have come to rely on, is the main topic of conversation at
DefCon, held this year at the Monte Carlo. Its organizers and some of
its attendees have made reputations for themselves by violating those

   Daniel Saito, a DefCon organizer and Southern California computer
programmer, said his family paid fines when, at the age of 14, he hacked
into the computer system of the telephone company and manipulated
information. Today, at age 20, he says he has given up doing illegal
things with his computer skills.

   Many of those at DefCon IV are young wannabe hackers, said Saito, who
on the Internet goes by the name "Satan." A large number of corporate
computer security experts also attended.

   A smaller number is probably really capable of hacking, but few will
do real damage, he said. Most are only looking for a good time, through
the challenge of cracking a difficult security system.

   "Basically, it's a drug," he said. "It's a psychosomatic, ego-driven
drug. It gives them an adrenaline rush and keeps them up all night."

   Some hackers are capable of more than light fun, however. Black spoke
of a recent case when a Russian man broke into Citibank's cash
management computer system and wired $10 million to locations around the
world, where partners picked up the money. The FBI broke the case,
arrested the key players and returned most of the money.

   But some fear such incidents are likely to become more common.

   "There's going to be a total escalation" of computer crime against
corporations, Jeff Moss, the founder and lead organizer of DefCon, said
in a recent interview with Forbes ASAP magazine. Moss, and other
computer security experts, have said most large corporations are
vulnerable to having their systems breached by knowledgeable hackers.

   In the back of the meeting room at the Monte Carlo, a group of young
men sat before laptops at a round table, playing Capture the Flag. In
this game, competitors try to break into several secured network systems
and write their names in a computer file inside. They also try to
reprogram the systems to be more secure, ensuring that competitors don't
remove their names from the flag file.

   Nearby, a security software company ran its own game as a promotion,
offering $10,000 to any hacker capable of breaking into its system.

   A large number of corporate security experts also attended the

   Steve Kirk, who helped run the main Capture the Flag game, described
a relatively innocent motive for attending DefCon, repeated by other

   "Part of it's the atmosphere," said Kirk. "You've got all these
people here who are really able to talk at a high level of knowledge.

   And one FBI agent said few attendees are doing anything criminal. "A
small percentage of them give the rest a bad name. The term 'hacker' is
not necessarily derogatory."