How San Diego Man Set Electronic Trap For Notorious Hacker

   Susan Sward, Jim Doyle, Pamela Burdman, Chronicle Staff Writers 

   In  a  courtroom in Raleigh, N.C., a 31-year-old man with an obsession
   about  computers  will  stand  in handcuffs today and hear prosecutors
   argue  that  he should not be freed on bail, because he is the world's
   most wanted hacker.

   Kevin  D. Mitnick, whose troubles with computers and the law date back
   to  his  youth  in the San Fernando Valley, could face 35 years behind
   bars  and  a  $500,000  fine  if  convicted of the two federal charges
   against  him  --  computer fraud and illegal use of a telephone access
   device.

   In   the   courtroom   audience   is  expected  to  be  a  30-year-old
   computational  physicist  named Tsutomu Shimomura, one of the nation's
   foremost  computer  security  experts,  who made cracking the case his
   business after his files were broken into on Christmas Day.

   As  prosecutors  prepared  to make their case to U.S. Magistrate Judge
   Wallace Dixon that Mitnick should be kept behind bars until his trial,
   details  emerged  yesterday about how FBI agents ended up encircling a
   12- unit Raleigh apartment complex and nabbing him Wednesday.

   ``The  FBI  wanted him for two years,'' the soft-spoken Shimomura said
   in  a telephone interview last night from Raleigh. ``We wanted him for
   two  weeks -- after we knew who he was. Once we decided who it was, it
   didn't  take  too long to find him. We got a lot of cooperation from a
   lot of people, in law enforcement and in the industry.''

   In  the  end,  Shimomura  said:  ``Mitnick  was  just pretty sloppy in
   general,  which  enabled us to track him. He caused a lot of us grief,
   but  I  don't  think he is technically that skilled, and also he could
   have done much more damage if he wanted to.''

  WANTED SINCE 1992

   Sought  by  the FBI since 1992 for a probation violation on a computer
   theft  charge, authorities say Mitnick triggered events leading to his
   arrest when he used hacking techniques to break into computer files at
   Shi-

   Shimomura said last night that following the theft of more than 30,000
   pages  of  hard  copy  from  his  files, he began focusing on the case
   closely.  By  the  end of January, he had seen enough evidence to make
   him  conclude that the man who crept into his files electronically and
   copied them was Mitnick -- a notorious figure in the computer world.

   ``The real motivation for tracking him, for putting together a team to
   go after him, was that we considered this was not acceptable behavior,
   and  it  will not be tolerated,'' said Shimomura, a senior fellow at a
   federally  financed computer research center in San Diego and a senior
   researcher  at  the  University of California at San Diego's School of
   Engineering.

   The  affidavit  filed  in  Raleigh cites ``the attack'' on Shimomura's
   system.  The  affidavit  also  cites  entries  into the systems of two
   Internet service providers, the Sausalito-based WELL and the San Jose-
   based Netcom Communications Inc.

   Sources   familiar   with  the  case  said  Mitnick's  booty  included
   ``thousands  of credit card numbers, including those belonging to some
   of the wealthiest people in Silicon Valley.''

   Shimomura  said  that  material  found also included computer software
   controlling  the operations of cellular phones. ``One of the reasons I
   think  he  broke into my machine is I work with companies that do work
   for  cellular  companies,''  he  said. Shimomura's files also included
   ``some of the tools we have used to track these guys. I believe he was
   after those tools.''

  INTERNET SECURITY DEBATED

   The  publicity over Mitnick's arrest and the apparent magnitude of his
   electronic  pilfering  set  off  a flurry of debate yesterday over the
   lack of security on the Internet network.

   Shimomura himself said Mitnick's arrest does not end the problem. ``We
   need   to  address  the  issue  of  building  secure  systems,''  said
   Shimomura, who is working on a software program he plans to offer free
   on the Internet to help detect and prevent hacking.

   Others  agreed.  ``Putting  a credit card number on the Internet right
   now  is  like  leaving  your door open in a high-crime neighborhood,''
   said Jim Bidzos, whose Redwood City company RSA is one of the nation's
   top computer security businesses.

   Major  Internet  companies  that want businesses to use the network to
   sell  products  have  been  scrambling  for ways to secure credit card
   transactions and company computers from hackers, but ``the systems are
   very permeable now,'' said Eugene Spafford of Purdue University.

   ``A  lot  more  energy  is  going  into  convincing  companies  to get
   consumers  to  use  the  network  to  buy  products than is going into
   protecting  themselves  and  their  customers  from people hacking the
   systems,'' he said.

   Nowhere  in the government's 10-page affidavit is there any mention of
   the  road  that  Mitnick,  an unemployed computer programmer, traveled
   before ending up behind bars.

   The  turf  where  Mitnick  operated  was the Internet, a global web of
   computer networks used by about 20 million customers. Prosecutors will
   not  say  how  many people he victimized, but they say he was stealing
   information worth more than $1 million.

   To  his  detractors,  Mitnick  is  a  computer  terrorist, a man of no
   conscience.  To others who have defended or counseled him, he is a man
   who looks at hacking as the ultimate challenge -- ``It's Mount Everest
   -- because it's there,'' as one of his lawyers put it.

   Mitnick  has been honing his computer skills for a long time. He first
   got  into  trouble at Monroe High School in Los Angeles when he tapped
   into school district computers.

   The  son  of a waitress in the San Fernando Valley, Mitnick was placed
   on probation for stealing computer manuals from Pacific Bell.

   A  year later, he and a friend broke into a computer used by the North
   American  Air  Defense  Command, and in 1989 he was sentenced to serve
   one  year  at the low-security federal facility at Lompoc after he was
   convicted  of  stealing  software from Digital Equipment Corp. When he
   disappeared  in  November  1992,  FBI  agents searched his home with a
   warrant stating he had been breaking into telephone company computers.

   Federal agents had hunted Mitnick ever since, but it was not until the
   electronic  theft  from the computer at Shimomura's beach cottage that
   the case slowly began cracking open.

  HOW TRAP WAS LAID

   Interviews with law enforcement and industry sources close to the case
   provide  a  picture  of  how  an intensive, electronic manhunt brought
   Mitnick down:

   Internet  devotees  were  first put on guard about the security threat
   last  month  after  Shimomura  told  a  Northern  California  computer
   conference  about  the theft of his files, and the Pennsylvania- based
   Computer Emergency Response Team issued an on-line alert.

   Several  days  later,  Mitnick  left more tracks when he broke into an
   account  set  up  by Berkeley computer programmer Bruce Koball for the
   public  policy  group called ``Computers, Freedom, and Privacy'' which
   opposes government intrusion in the computer world.

   Mitnick's  activity  in  that  account at the Sausalito-based WELL was
   noticed  by  the staff on January 27 during a routine scan designed to
   find  over-stuffed  accounts. Assistant U.S. Attorney Kent Walker said
   Mitnick  had  stored  about  100,000 pages of stolen data in the WELL,
   including data belonging to Shimomura.

   Using  monitoring  posts  first  at the WELL and then at Netcom in San
   Jose,  Shimomura  and  government  investigators  tracked the hacker's
   activities in the last two weeks, watching his patterns.

   By  last  Saturday, Shimomura had concluded that Mitnick was the thief
   --  based  on the information the hacker was stealing, including phone
   company records of the sort Mitnick was interested in.

   Relying  on  a  software  tracking method of his own, Shimomura traced
   Mitnick's  whereabouts to somewhere in Raleigh. By Sunday, he was on a
   flight  to  the  Raleigh-  Durham  International Airport, and by early
   Monday  morning  -- working with local telephone company officials and
   federal  agents  -- Shimomura helped nail down the intruder's location
   even more precisely -- a 12-unit apartment complex north of Raleigh.

   After a 24-hour stakeout, the FBI arrested Mitnick.

   In  a Raleigh courtroom at a prearraignment hearing Wednesday, the two
   men  with  shoulder-  length  hair  --  computer  sleuth Shimomura and
   computer  fraud  defendant  Mitnick  -- met face to face for the first
   time.

   ``Hello,  Tsutomu,''  Mitnick  said  to  Shimomura.  ``I  respect your
   skills.''

   Shimomura  said he nodded in response. ``He did not look very happy,''
   Shimomura  recalled. ``My feeling was he had caused a lot of grief for
   a  lot  of people, and he had incentive to stop. He had been to prison
   before, and he still continued.

   ``It  wasn't  acceptable  behavior,  and  something  had to happen. It
   seemed  throwing someone in prison is a very inelegant way of stopping
   someone. I wish there were an elegant way.''
     _________________________________________________________________

   DAY: FRIDAY

   DATE: 2/17/95

   PAGE: A1

   ©  2/17/95  ,  San  Francisco  Chronicle,  All  Rights  Reserved,  All
   Unauthorized Duplication Prohibited