U.S. Astronomer Snared Spy Ring : Hackers Tripped Up by 75 Mistake

Finding a 75-cent accounting error in his computer system became an obsession for a Harvard astronomer. When he finally got to the bottom of it, he had found not only his missing quarters, but also an Eastern European electronic spy ring.

For more than six months, finding the computer “hacker” who broke into his files consumed 38-year-old Clifford Stoll.

On Thursday, a West German official announced the arrests of three hackers who allegedly acquired sensitive military computer passwords and codes and sold them to the Soviets.

It all started with a 75-cent accounting error that Stoll noticed in the Lawrence Berkeley Laboratory’s shared-time computer system accounts in August, 1986, when he was with the California facility.

“If it had been $1,000 off, I wouldn’t have thought anything of it,” Stoll said. “It’s like, if your house collapses, you just assume there’s been an earthquake. But if you find a tiny termite hole, you think, ‘Geez, I’d better investigate.’ It’s the little problems that are the most fascinating.”

‘Nothing but Watch’

Stoll searched for clues for three days and discovered that the error was caused by someone who had gained access to the computer through telephone lines.

“For four months, I did absolutely nothing but watch what he typed in,” said the bushy-haired Stoll.

Stoll said it became apparent that the hacker was trying to use the Berkeley Laboratory’s computer as a gateway to the so-called Milnet, a computer network linking defense plants, university labs and military installations.

“He was searching for key words like nuclear, ICBM, SDI (Strategic Defense Initiative), biological warfare, NORAD (North American Air Defense). He was reading everything he could get his hands on, and then it turns out he was selling it to the Soviets,” Stoll said.

He said that he told the FBI about the hacker in the late summer of 1986 but that there wasn’t much of a response.

Bogus Military Data

Stoll said his girlfriend, tired of his electronic pager that would beep whenever the hacker got onto the system, was responsible for the big break in the case. She suggested that he lay a trap.

He created bogus military data and a fictitious computer network called “SDI Net.” The hacker took the bait, spending two hours reading through the material, giving Stoll enough time to trace the call to Hanover, West Germany.

Three months later, Stoll said, he got a letter from a man in Pittsburgh asking for information about SDI Net. When he turned that letter over to the FBI in April, 1987, he said, the bureau found that the man had connections to Eastern European governments and immediately began an investigation.