Post-Napster Pirates Commandeer Computers

There’s been a wild party at the New York City Board of Elections. With plenty of movies--”The Green Mile,” “Braveheart” and “Unbreakable”--and pop music from Willa Ford and R.E.M., plus MTV videos. All free and all illegal.

To join the fun, online party-goers just directed their Web browsers to an election board computer site. Then they made their own copies of the entertainment stash before officials noticed this virtual rave party erupting in their computers.

Episodes like this one, which went on for weeks until the Board of Elections shut down the site last weekend, are part of an online piracy wave that is sweeping across the Internet.

When the online music-sharing service Napster was shut down by a judge four weeks ago, its millions of users had to go somewhere. Many shifted to the dozen or so legal online alternatives still in operation.

Others moved underground.

Computer hackers have taken the Napster idea and run with it, breaking and entering hundreds of corporate, university and private computers to store illegal copies of movies and music. Then they invite Internet partiers to swoop in and grab their own copies. It’s the online equivalent of teenagers hopping a fence to throw a pool party: If the homeowner suddenly returns, they run down the street to the next vacant pool.

When the New York election board shut down their site, hundreds of other computers worldwide had already been hacked for Napster-like swapping parties. Computers operated by Hewlett-Packard, AT&T; and DePaul University have recently been hit by these digital party pirates, and hackers boast of success against Microsoft and Kmart as well.

If unchecked, hackers virtually colonize some organizations’ computers. For example, the elections board has been hacked six times in the past month alone--turning it into a film and music festival.

Elections board computer managers were exasperated by the latest hacking wave--although no election records were involved, they said. “It’s very disturbing to find out that somebody is coming in and we don’t even know about it,” said Steve Ferguson, an information systems manager at the elections board. “[But] no matter what we do, at some point there’s some [hacker] who can get around it. . . . There’s always someone cracking those codes.”

Unlike Napster and some rival sites established for sharing music, there is no central hub to record communications among hackers or track pirated titles. So record companies and movie studios stand little chance of finding, let alone prosecuting, digital pirates.

In contrast, the hacks are simple to execute. Hackers use software robots to crawl the Internet in search of vulnerable computers. After commandeering a new storage spot, they simply deposit the digital entertainment materials.

Then hackers e-mail friends or place invitations on online chat rooms so interlopers can swoop in to gorge at an all-you-can-copy digital entertainment buffet.

Soon the swarm begins. Hundreds, and sometimes thousands, of opportunists descend upon the hacked sites to grab their favorite CDs or movies before the victim’s technology manager realizes what’s going on and pulls the plug.

Attacks Are Quick, Often Short-Lived

“From the time a [computer] is compromised to the time you see several hundred people downloading [music or movies] can be measured in hours,” said Brian Dunphy, a security expert with Riptech Inc., a firm that monitors hundreds of companies for online intrusions. Riptech noticed evidence of a big spike in such hacks shortly after Napster shut down.

Depending on the party site, the illegal offerings are as eclectic as the Internet itself. Archival sets of “The Simpsons” and “Friends” TV shows, as well as recent films such as “Jurassic Park III” are easy to find. Music files to suit any sensibility, from classical to Eminem, are plentiful--as are the latest PlayStation 2 video games, pornography and malicious hacking software.

Sometimes hacks persist undetected for weeks. “But it’s really only necessary to be successful for one night,” said Bruce Forest, a media piracy expert who has long tracked hacking trends. “It’s like being a drug trafficker--you only need a street corner that the cops won’t discover you on for one night.”

Many hackers also make fun of the site managers--or “deleters”--who remove the illicit materials. But the ephemeral process feeds a lively cat-and-mouse game that seems like part of the appeal.

Computer hackers have been exploiting this piracy technique for years. But Napster’s decline and fall has the illicit alternative surging. Hackers target computers called “FTP servers”--used by many organizations to distribute internal files to employees or customers. Such devices are often poorly guarded. By design or unintentionally, they may be configured to allow anonymous users to add or erase computer files at will. Even passwords or other security measures are easily subverted.

These hackers “are basically bandwidth thieves,” Dunphy said. They take over an online connection and a computer’s storage space to illegally distribute copyrighted materials, which the hackers call “warez” (pronounced “wares”).

Such attacks represent the most mischievous--some would say criminal--element of the peer-to-peer trend. Participants in that grass-roots Internet movement directly share digital entertainment files or software through such services as Napster, Aimster and Gnutella.

As more formal song-swapping services face mounting legal pressure to limit offerings to non-copyrighted materials or to charge users, warez trafficking runs rampant. It suggests one more reason why legal restrictions on the free sharing of intellectual property may prove futile.

And clearly, organizations whose computers have been hacked face a daunting challenge to regain control over their machines.

Tough Battle to Evict Pirates

Me2 Inc., a business psychology consulting service engaged in a battle with aggressive pirates before they could be evicted. Company Web programmer Prasad Chavali recently discovered that a hacker had loaded dance tunes by Fatboy Slim on a me2 computer. Dozens of party-goers from France were furiously grabbing songs--and clogging Chavali’s Internet connection.

“I turned off all anonymous access” to the compromised computer, he said. “But within five minutes they came back in,” he said. Chavali worked for four days to patch his security before it finally blocked access.

Similar experiences prompted the Tennessee Board of Regents, which governs state universities and colleges, to change its public information policies. Hackers recently loaded music from the German rap star Afrob, along with obscene taunts, onto a Board of Regents computer. It was the latest in a series of such attacks in recent weeks.

The Regents’ computer network administrator, Joe Rains, finally conceded defeat. He moved to radically restrict all public access to his computers. Rains regrets the draconian measure because it inhibits his agency’s ability to share information with the public.

This latest wave of hacking has proliferated partly because it’s easy. Perpetrators are often rank amateurs--known as “script kiddies” in hacking lingo--because they merely follow simple instructions available online. And insiders in large corporations also have joined the party, posting pirated files to their own company’s computers, experts say.

They are part of a growing piracy subculture--which has spawned hundreds of Web sites, Forest said. Some sites use warez listings as a hook for pornography sales. Others are elaborate, members-only clubs, such as https://www.astalavista.com, which charges $39 a year for hacking software, commentary on piracy techniques and tips for finding and exploiting new targets.

Other hacking sites are more like secret societies. Some users hang out in Internet chat rooms to get to know the initiated. Once in the fold, a world of free music, movies, software and pornography is revealed.

Many of the most sophisticated hackers who administer the warez clubs are teenaged music aficionados, said Forest, who has infiltrated one such club, and has seen its traffic quadruple during Napster’s decline. “I talk online to a lot of club administrators who seem like [top]-level consultants. Then they’ll say, ‘Oh, gotta go, my mom’s coming,’ ” he said.

Hackers place warez files in hidden locations on corporate computers to make accidental detection by legitimate users less likely. System administrators notice intrusions only after the computer’s storage drive suddenly fills up, or when their network use skyrockets as freeloaders join the fun.

Despite its growing popularity, experts view this hacking trend as a supplement to, rather than a replacement for, organized sharing networks. Such services have also seen their base of users rise sharply in Napster’s absence.

Bruce Schneier, a noted cryptographer and security expert with Counterpane Internet Security Inc., said security may improve, but online pirates will never pay for digital entertainment.

“The hacking community treats countermeasures as roadblocks and goes around them,” he said. “If you don’t want it copyable, don’t make it [digital].”