In addition to the Pentagon, MIT was targeted in a February 1 computer system break-in that a Department of Defense official has called "the most organized and systematic attack to date."
FBI agents raided the homes of two teenage boys in a small town north of San Francisco last Wednesday, reportedly catching one of them in the process of entering a Pentagon computer. The boys' computers were confiscated, although no arrests have been made.
While the hackers did not unearth classified information or cause serious damage to any of the systems they entered, they are reported to have wormed their way into powerful administrator privileges on some.
The hackers' targets were primarily US military computers as well as those at the University of California at Berkeley and national laboratories. At MIT, the computer affected was at the Plasma Science and Fusion Center (PSFC), running an old version of the Linux operating system, according to Donald R. Nelson, computer systems manager at the PSFC.
After gaining access to an MIT account, the hackers then took advantage of security holes in the operating system on that particular machine to use the privileges required to install and run a packet-sniffer -- a software tool that listens to all the traffic that passes by on the network.
Although nothing serious resulted from the break-in, "it was inconvenient and wasted some of our time," Mr. Nelson said. "We shut that node down. It was functioning as an e-mail and web server, but because it was running insecure software, it was not wise for us to continue to operate it. We moved the services on it to a more secure node."
The boys managed to install the packet-sniffer in a node that served half of one floor in the PSFC buildings. As the packet-sniffer recorded unencrypted passwords sent over the network for fetching e-mail, the hackers collected user names and passwords to computers outside the network.
"This particular server didn't have anything (important) on it, but it allowed them to get into the system," Mr. Nelson said.
He pointed out that MIT is often a target for attacks by network intruders, possibly because of the Institute's visibilty or prestige. "It's probably a feather in the cap of a hacker to break into a computer at MIT," he said.
Because of the security measures on the overall MIT network, the hackers were only able to access a single node in a local area network. The information they glean from one node allows them to move "from machine to machine to machine. It doesn't take many hops to get from MIT into the Pentagon," Mr. Nelson said, although these hackers' exact route to government computers may not have been through MIT.
A version of this article appeared in MIT Tech Talk on March 4, 1998.
