Monday, May. 22, 2000
School for Hackers
By ADAM COHEN
When Onel de Guzman's thesis proposal, titled "E-mail Password Sender Trojan," was rejected by Manila's AMA Computer College in February, the thesis committee gave a distinctly nonscholarly reason. "This is illegal!" the school's dean fumed. De Guzman wanted to write a program to "steal and retrieve Internet accounts of the victim's computer," allowing people to use those stolen log-ins to access the Internet free. The response from a faculty member, scrawled in the margin of the page: "We do not produce burglars."
De Guzman never got academic credit for "E-mail Password Sender Trojan." But the proposal's mangled syntax--de Guzman described a program that "catched and retrieved all lose passwords that users can enjoy"--was a dead giveaway. The proposal appears to have been a blueprint for the Love Bug virus that wreaked havoc on e-mail systems around the world, from the Pentagon to the British Parliament, and caused as much as $15 billion in damage. The skinny 23-year-old de Guzman came out of hiding last week for a press conference at which he came close to admitting responsibility for the Love Bug onslaught. Did he unleash the virus? "It is possible," admitted de Guzman, who sported dark glasses and covered his face with a handkerchief. If he did it, he insisted, it was as a result of "youthful exuberance."
As unlikely as de Guzman may seem as a mastermind of the most virulent computer virus in history, it's no great surprise to law-enforcement officials that it appears to have been hatched on a campus in the developing world. They say small cells of hackers--some at colleges, others in contact only electronically--pose an unprecedented threat to the computer systems of the industrialized world. For some, computer mischief is an educational exercise, a way to hone their computer skills. Others do it for sport or profit or the fun of committing large-scale vandalism. And for a growing number, the motivation is ideological or nationalistic. Cybercops have begun focusing on a small number of hacker havens--similar to money-laundering havens--where lax or nonexistent laws, corrupt and incompetent authorities, and adept programmers conspire to pose a threat to computer systems worldwide.
AMA Computer College is a pioneer in Philippine computer education. It's an up-by-the-bootstraps kind of place, where young people in a poor country can strive for the middle class. But AMA is also home to GRAMMERSoft, an underground computer group that provides programming to small businesses and allegedly sells thesis projects and homework to other students. De Guzman was a GRAMMERSoft member. Michael Buen, 23, whose thesis (accepted by the school) allowed users to make many copies of a single file, may also have been. Officials suspect that the Love Bug was formed by combining de Guzman's and Buen's work. These common features are one clue pointing to GRAMMERSoft's involvement. Another: the group's name appears in the Love Bug's coding.
The Philippines has all the makings of a fertile breeding ground for viruses. Thousands of young people are learning computer programming in schools like AMA. Computer laws are hazy. In fact, it's not clear that the Love Bug violates any local law. As for his motivation, de Guzman has been murky. At one point, he dismissed the virus as a "gimmick"--Filipino slang for a goof. But he also told reporters that "the Internet is supposed to be educational, so it should be for free." (In the Philippines, Internet access can cost $3 an hour, a stiff fee in a country where the average weekly income is less than $20.)
If de Guzman is a hacker with an ideological mission--a "hacktivist," in cyberlingo--he is not alone. This kind of political activism is the driving force behind the world's emerging hacker hotbeds.
PAKISTAN The Pakistan Hackerz Club has been making regular runs against American and Indian Internet sites. Its cause: an India-free Kashmir. P.H.C.'s leader, operating under the nom de hack "Dr. Nuker," may be the most prolific hacker working today. Among the P.H.C.'s targets: websites of Lackland Air Force Base in Texas; the Karachi Stock Exchange; and the Department of Energy's Albuquerque, N.M., home page, on which the club left a "Save Kashmir" message.
SERBIA Three days into the U.S. bombing of Kosovo, Serbian hackers saturated NATO's website with "ping" bombardments, in which one computer repeatedly calls another, shutting down its connections to the outside world. At the same time, NATO's mail system was flooded with virus-carrying messages from Belgrade. NATO dodged the cyber-offensive by switching to faster access lines. But a year after the war's end, the Serbs are still at it. Last month 50 commercial websites--ranging from Britain's Manchester United soccer team to German sport-gear manufacturer Adidas--had their content replaced with an image of a Serbian double-headed eagle and the slogan "Kosovo is Serbia."
CHINA As tensions between Beijing and Taipei have grown, hackers on both sides of the Taiwan Strait have been busy. Upset by Taiwanese President Lee Teng-hui's assertions that the island is a sovereign state, Chinese programmers unleashed viruses that tied up networks and displayed pro-Beijing messages. The Taiwanese fired back with a virus that made a mainland website display images of a popular Japanese cartoon character known as Hello Kitty.
Other countries have also been showing up on hacker watch lists. David Kennedy, director of research services at watchdog ICSA.net singles out Singapore, South Africa, Malaysia, Brazil, Argentina, Bulgaria and Poland as hotbeds of hacking. But the industrialized nations are starting to fight back. The Council of Europe has drawn up a treaty that would require nations to pass computer-crime legislation and cooperate on enforcement. And the high-tech crime subgroup of the G-8, which is meeting in Paris this week, will hear from a Who's Who of tech experts about ways to battle international virus propagation. Getting tough, however, has its risks. As Kennedy explains, "People who are talented and imaginative take that as a challenge and find ways to hack into sites."
The fact is that Third World hacking has political frisson. There's a satisfaction in outsmarting the developed world's best computer minds--a high-tech, Jesse Jackson-style cry of "I am somebody!" That certainly seems to be a widespread response in the Philippines. De Guzman's fellow students at AMA expressed quiet pride in his alleged international cybersabotage last week. The Manila Standard saluted him as "The country's first world-class hacker." "Yes," the paper exclaimed, "the Filipino can!"
--Reported by Ghulam Hasnain/Karachi, Unmesh Kher/New York, Michael Kitchen/Taipei, Elaine Shannon/Washington, Nelly Sindayen/Manila and Jan Stojaspal/Prague
With reporting by Ghulam Hasnain/Karachi, Unmesh Kher/New York, Michael Kitchen/Taipei, Elaine Shannon/Washington, Nelly Sindayen/Manila and Jan Stojaspal/Prague