"Intense probe targets shadowy hackers group with local ties" ----------------------------------------------------------- Sunday, April 15, 1990 / Austin American-Statesman by Kyle Pope A shadowy gang of computer hackers with ties to Austin has become the target of a massive federal probe into the nation's high-tech underground. Federal and local authorities involved in the inquiry seized evidence from three Austin homes and a business in March. They say some action on the local cases, possibly including indictments or arrests, is expected in the next month. The computer crime crackdown - the largest ever launched by the U.S. government - has resulted in the temporary disbanding of the Legion of Doom, a notorious national group of young computer hobbyists with at least two Austin members. State and federal investigators say the 6-year-old group, which once boasted more than 150 members in nearly every U.S. state, has been connected to a string of computer crimes in Texas, Georgia, Arizona, Illinois, California and New Jersey. Officials say group members have electronically stolen money and long- distance telephone access numbers, changed credit reports, planted data- destroying computer viruses in government networks, attempted to tamper with hospital patient records, and distributed information that, if used, could have debilitated the nation's 911 emergency response network. So far, only four Legion of Doom members have been indicted for the crimes, and none has gone to trial. However, an investigation team coordinated by Assistant U.S. Attorney William Cook in Chicago and including the secret Service, the U.S. Department of Justice, the FBI and a handful of state attorney generals, has in the past six months raided the homes and businesses of about a dozen suspected legion members across the country. In Austin, Secret Service agents, local police and officers from the University of Texas Police Department seized computer equipment and documents from three homes as part of the probe. One local business, a role-playing game-publishing company called Steve Jackson Games, also was raided in the March crackdown, but officials say the firm is not a primary target of the hacker investigation. The firm is believed to have been raided because investigators wanted to examine equipment used by an employee. The search warrants used in the raids remain sealed from public view, and Secret Service and UTPD officials declined to comment on the case. Law enforcement sources say one of the targets of the Austin investigation is a juvenile who is not believed to be a member of the hacker group. The two other Austinites under investigation are legion members, authorities say, and have been linked to the 911 probe centered in Chicago. According to law enforcement sources, the two men helped circulate information about the 911 system's software through a national bulletin board network that hackers could call by using a telephone, a computer and a modem. In addition, details about ways to tamper with the emergency system were published in Phrack, a legion newsletter. While no one in Austin has been indicted or arrested, officials said they expect some action on the local cases in the next month. And state and federal authorities involved in the national investigation say they are preparing dozens of additional indictments aimed at the entire membership roster of the Legion of Doom. "It doesn't matter whether you commit a burglary by telephone or by breaking into a building," said Gail Thackeray, an assistant attorney general in Arizona, one of a handful of state investigators working solely on computer crime. "Did they expect that the rest of us would sit by and let every idiot kid in America break into our 911 system?" she said. "I do not respect the right of hackers to learn what they want to learn at the expense of the rest of us." Thackeray, who helped investigate a hacker's attempt to break into the computer system at the Barrow Neurological Institute in Phoenix, said the recent legion crackdown is a result of improved coordination among law enforcement agencies with jurisdiction over computer crime. In addition, she said, the effort has been boosted by a new breed of investigators with computing expertise. Because of the potential for widespread damage to both government and business computer systems, officials say the hacker probe has caught the eye of the Justice Department, which is pushing U.S. attorneys throughout the country to beef up their computer crime-fighting capacity. "There is a push on Capitol Hill to shore up our activity in this area," said an assistant U.S. attorney who asked not to be named. "I think this is the beginning of a boom." Said Thackeray: "There's more computer crime going on out there than any one agency can handle. We're totally flooded." For members of the Legion of Doom, the unwanted law enforcement attention is nothing new. Formed in 1984 and named for a gang that took on Superman and other heroes in the television cartoon Superfriends, the group has survived two other waves of criminal investigations. The first, in 1985, resulted in the arrest and conviction of five of the legion's founders for credit card fraud and theft by wire. After a brief resurgence, group members again were arrested en masse in 1987, only to revive again in 1988. But according to investigators familiar with the group, pressure form the recent legion crackdown is the most intense to date. Several of the investigators said the legion has shut down, at least for now. A history of the group written by one of its founders and obtained by the Austin American-Statesman seems to bear out investigators' suspicions. The 10-page document recounts significant developments in the group's history, from its founding in 1984 (an event "that would ultimately change the face of the computer underground forever," the brochure states), to its current, besieged status. The pamphlet acknowledges that "there is no indication that points to a resurgence in the future" and ends with the words "Legion of Doom (1984- 1990)." The brochure also takes potshots at federal investigators and the media, often accused by legion members of exaggerating their crimes and sensationalizing the group. "The Legion of Doom has been called everything from 'organized crime' to a 'communist threat to national security' to an 'international conspiracy of computer terrorists bent on destroying the nation's 911 service,'" the brochure states. "Nothing comes closer to the actual truth than 'bored adolescents with too much spare time.'" Finally, the legion history includes an "alumni" list that contains the code names of 38 current and former members. According to the legion's own accounting, 14 of the 38 people on the list have either been convicted of computer crimes or are under investigation. Officials familiar with the group say the legion's characterization of itself as a clique of bored whiz kids is inaccurate. Instead, they portray group members as sophisticated and organized malcontents who do not accept conventional concepts of respect and trust. "These are not just wacky kids," Thackeray said. "They have absolute contempt for the rest of us." "They are constantly in a high-level skill kind of game, part of a thrill. They've totally lost touch with reality." William Murray, a systems security fellow for the Ernst & Young accounting firm, said even though hackers take advantage of the tremendous power of personal computers, they still view their crimes as an electronic game of cat and mouse. "This whole sense of excitement and joy is not tempered," Murray said. "Nobody has told them that they have a responsibility for polite behavior." Some states, including Arizona, are developing treatment programs for hackers. Patterned after Alcoholics Anonymous and drug-treatment centers, the programs are aimed at rehabilitating hackers who have grown dependent on their craft. "It is absolutely addictive behavior," Thackeray said. "When they get their hands on tools as powerful as these computers, they lost all judgement."