‘Joy-Riding’ Hacker Plagues Weapons Lab
A computer hacker has entered computers at the government’s Lawrence Livermore Laboratory eight times since last Saturday but has not yet caused any damage and has not been able to enter computers that contain classified information, Livermore officials said Friday.
Nuclear weapons and the “Star Wars” defense system are designed at Livermore, but information about those projects is kept in supercomputers that are physically and electronically separate from other computers at the laboratory.
The hacker, whose identity remains unknown, entered the nonclassified computer system at Livermore through INTERNET, a nationwide computer network that was shut down at the beginning of November by an intruder subsequently identified as graduate student Robert T. Morris Jr. of Cornell University. Morris allegedly created a computer virus that tied up of most of the computing power of as many as 10% of the 60,000 computers on the network, preventing them from carrying out their normal functions.
Like Morris, the Livermore hacker exploited defects in the Unix operating system--a group of programs that operate individual computers in the network--to break into the system. But the unknown hacker took advantage of different defects than those used by Morris, and this week’s break-ins are apparently limited to Livermore and are “unrelated to the Morris incident,” said Chuck Cole, Livermore’s chief of computer security.
The hacker also entered the computers Wednesday through a conventional telephone line and used that entry to give himself “super-user” status, providing access to virtually all functions of the non-classified computer systems. The intruder gave himself the code name “FTP anonymous demon.” In the jargon of Unix, demon is a standard term for a program that operates without the user requesting it.
But officials quickly limited the super-user access, although they left some computers vulnerable to entry in the hope of catching the intruder when he tries to re-enter the system.
“We want to know who he is, where he is, what he wants,” Cole said, “so we’ve been watching for him, and he is probably watching us. It’s become sort of a cat-and-mouse game.”
Although he has no evidence, Cole believes that there is only one hacker because the incidents have all been similar.
Start your day right
Sign up for Essential California for news, features and recommendations from the L.A. Times and beyond in your inbox six days a week.
You may occasionally receive promotional content from the Los Angeles Times.
