bei@cs.utexas.edu (Bob Izenberg) (12/09/90)
From the 12-6-90 {Austin American-Statesman}:
NASA Bilked of $12 Million in Phone Calls, Paper Says
HOUSTON (AP) -- Computer hackers have pilfered $12 million in
telephone charges from the Johnson Space Center over the past two
years in what at least one expert said was the biggest such theft in
the nation.
The {Houston Chronicle} reported in a copyright story on
Wednesday that possibly hundreds of people made illicit use of the
system over at least two years.
"It's the biggest one I've heard of, and certainly the longest-running
one I've ever heard of," said Detective Jim Black, computer crime unit
coordinator of the Los Angeles Police Department and a leading
authority on telecommunications theft.
NASA issued a statement late Wednesday calling the Chronicle story "an
extraordinary exageration of federal telephone misuse."
Spokesman John Garman said that the entire annual charges for its
Federal Telephone Service, a dedicated service like a WATS line,
amounts to about $3 million.
"There has been no apparent changes to FTS call statistics from JSC,
nor indication of significant abuse of the FTS system over the last
several years," Garman's statement said.
It added that the FTS system cited in the article was discontinued
Nov. 16, when JSC officials discovered that the service had been
published in computerized "hacker's bulletin board."
"Any abuse of the FTS system at a level anywhere near the size
asserted in the {Chronicle} article would have been impossible to miss
and would have been immediately investigated," the statement said.
The figure of $12 million is extracted from costs of similar break-ins
around the nation described by law enforcement agents specializing in
computer crime.
Hackers frequently try to gain access to free phone service to charge
off regular conversations and computer contact with popular electronic
bulletin boards. Because these boards may be located in homes
throughout the world, the cost of calling them can quickly become
prohibitive.
The phone line pilferers typically find PBX numbers by trial and
error. PBX numbers, or private branch exchanges, are telephone
switching systems commonly used in medium to large companies. NASA's
system is one form of PBX.
At NASA, spokesman Steve Nesbitt told the Chronicle said the service
was stolen in two ways: by using a long-distance credit card number
and by direct use of NASA's phone lines. The credit card fraud was
discovered by AT&T when use of the credit card number exceeded typical
patterns.
Black and Gail Thackeray, an assistant Arizona attorney general and an
expert in telecommunications, said such penetrations typically cost
from $100,000 a month for a small company to $500,000 per month at a
large firm.
The heavy losses at NASA were sustained through four lines in the
space center's regular phone system.
[ end of article ]
When I was shown this article last night, I experienced a mix of
dismay and pleasant surprise. Here was somebody digging a little
deeper into a story that had been given a cursory examination on the
first try. After I'd had a few hours to think about it, I became a
bit less happy with the way the story was put together.
The first and third paragraphs contradict NASA's statement first
mentioned in the fourth paragraph. Either NASA is right, or the
Chronicle is. Apparently some money was taken. The NASA spokesman
says that the figure of $12 million is incorrect. Okay, what's the
right number?
I read a particular quoted source's name with interest. Sun Devil
axe-grinder Gail Thackeray (and the LAPD detective) give figures for
what small and large businesses lose per month to phone fraud. In the
context of the AP story, the figures sound like a bill that Phreaks R
Us sends every business in the country. We're in headline territory
here, so we shouldn't expect figures to mean anything.
I hassled a friend in the news business about this last night (a poor
repayment for his letting me hang out for a newscast.) Why do some
reporters let officials write their stories for them? My friend put
it down to deadline pressure, which I can surely believe. But, having
been on both sides of the good-natured (?) ribbing broadcast
journalists take for doing superficial treatment of news stories, I
don't have much sympathy for a print reporter (even in a daily) who
doesn't ask a few more questions than were asked here. To Joe
Abernathy (the Chronicle reporter) and to the AP reporter, I would say
that I'm still waiting for the facts.
Bob Izenberg (512) 346 7019 [ ] cs.utexas.edu!{kvue,balkan}!dogface!bei
[Moderator's Note: Thanks for presenting this excellent rebuttal. If
you wait on Joe Abernathy to come up with the facts, you are going to
be waiting a long time. As an example, look at the hatchet job he did
in the Internet story. Have any corrections been offered? I agree that
any amount of theft of services (from computer site, telco, etc) is
too much theft. But as others have pointed out, the figures flying
around these days in the incidents brought to our attention have been
total fabrications -- like much of Abernathy's 'reporting'. PAT]