1. PROBLEMA
4.2 CLUSTER
In October 1999, I glanced at the front page of the Wall Street Journal. The headline
read “Audacious ‘Phonemasters’ Stole Numbers, Pulled Scams, Tweaked Police.”
[Calvin Cantrell and the “Phonemasters”] had gained access to telephone net- works of companies including AT&T Corp., British Telecommunications Inc., GTE Corp., MCI WorldCom (then MCI Communications Corp.), Southwestern Bell, and Sprint Corp. They broke into credit-reporting databases belonging to Equifax Inc. and TRW Inc. They entered Nexis/Lexis databases and systems of Dun & Bradstreet, court records show.
The breadth of their monkey-wrenching was staggering; at various times, they could eavesdrop on phone calls, compromise secure databases, and redirect communications at will. They had access to portions of the national power grid, air-traffic-control systems and had hacked their way into a digital cache of unpublished telephone numbers at the White House. …Their customers included private investigators, so-called information brokers, and—by way of middlemen—the Sicilian Mafia. According to FBI estimates, the gang accounted for about $1.85 million in business losses.
…[They had] a price list: personal credit reports were $75; state motor-vehicle records, $25; records from the FBI’s Crime Information Center, $100. On the menu for $500: the address or phone number of any “celebrity/important per- son.”
…[Cantrell and two others] agreed to plead guilty to federal charges of one count of theft and possession of unauthorized calling-card numbers and one count of unauthorized access to computer systems.1
In 1995, I had done some digging around about something called Blacknet. Supposedly, those involved in the scheme were “super information brokers” dealing in everything from trade secrets, product designs, and manufacturing methods to personal medical records, merger activity, and lascivious e-mail. If you wanted to buy or sell any information, you would just use their public key to send an encrypted mes- sage to any one of several locations in cyberspace. They would check you out and if they thought you were okay, they would contact you.
Some sources said Blacknet was a cyberpunk hoax. Other sources said it was an FBI sting.
1. “Phone Hex: How a Cyber Sleuth, Using a ‘Data Tap,’ Busted a Hacker Ring; Audacious ‘Phonemasters’ Stole Numbers, Pulled Scams, Tweaked Police; A Sex-Line Prank on the FBI,” by John Simons, The Wall Street Journal, October 1, 1999.
The computer security “old guard” told me I shouldn’t dignify the rumor by putting it in print, but I ran with it anyway. I just wanted to raise the question. The concept seemed plausible to me. Whether ”Blacknet” itself existed wasn’t important. What
wasimportant was that similar criminal activity was probably already underway.
Indeed, “Blacknet” turned out to be a hoax propagated by Tim May.2
Scott Charney, then head of the U.S. Department of Justice’s Computer Crime and Intellectual Property (CCIP) section, wouldn’t confirm or deny the existence of Blacknet itself, but did say that he saw such activity as an emerging threat.
“We’re getting more and more evidence of organizations being put together to traffic in information,” Charney says. “That’s almost a natural progression, considering the environment we’re dealing with.
“Even within the stereotypical ‘hacker ‘category,” he continues, “the so-called hacker ethic is changing. There used to be the notion that hackers meant to do no harm. But now some hackers have said, ‘Hey, I want get out of my parents’ house. I need money. If there’s something I can sell, I’m going to sell it.’ We’ve seen hackers selling credit cards.”
What Charney couldn’t talk about at that time was a criminal investigation that had commenced down in Dallas, Texas.
In August 1994, FBI Special Agent Mike Morris got a tip from a private investigator (PI) that two hackers in Dallas, Calvin Cantrell and Brian Jaynes, were selling infor- mation to other less scrupulous PIs. Indeed, two PIs, William “Trace” Carpenter and Paul Crute, were arrested and convicted for succumbing to the enticements of Cantrell and Jaynes.
But there turned out to be much more to what came to be known as the Phonemasters case, as former U.S. Prosecutor Matt Yarbrough explains.
“It all started off as an information-selling business,” he says. “They were hacking Equifax; they were hacking Southwestern Bell. They were getting into the files and selling the unlisted telephone numbers of celebrities, etc. They were not only selling to PIs, but to whoever was interested. Their price list was posted on a BBS. That was the basis for the wiretap application.”
Blacknet was, indeed, a reality. The gang included Corey Lindsly (a.k.a. Tabbis, the acknowledged ringleader) in Philadelphia and John Bosanac (a.k.a. G) in San Diego, as well as Cantrell and Jaynes in Dallas.
CHAPTER 7 GRAND THEFT DATA: CRACKERS AND CYBER BANK ROBBERS 103
2. "Introduction to BlackNet," May, Timothy C. from High Noon on the Electronic Frontier: Conceptual Issues in Cyberspace, Peter Ludlow (ed.), MIT Press, 1996, pp. 241-243.
The FBI got its wiretap approved and then set up the United States’ first-ever Title III data interception on a high-speed analog telephone line on Cantrell’s home phone. The FBI was doing real-time interception of both voice and data (i.e., keystroking) and was recording both conspiratorial conversations and actual hacking activity on- line.
According to Yarbrough, when FBI agents started to listen, they were “just blown away.” It turned out that Cantrell and Jaynes were involved in a larger group. “They were stealing information and selling it,” he says. “They were getting into every major database. They were creating scripts to automate the downloading of 1-800 numbers, 14-digit international numbers, 7-digit domestic calling numbers, etc. “They were breaking and entering. They broke into a Southwestern Bell office in Arkansas and stole a bunch of switching manuals. They were very aggressive dump- ster divers. They did great intel on people. They went so far as to break in and steal machines. They were also phenomenal at social engineering. They were so knowl- edgeable from their dumpster diving that they could call in and pretend to be some- body else and get root access over the phone. They did it all.
“They even stole an STU phone and another machine from SWB [Southwestern Bell] and then began to do their own wiretaps,” Yarbrough continues. “So at one point we were tapping them, and they were tapping SWB employees. We were getting a down- load image of what they were downloading, capturing all of the wiretap that they were doing. We were tapping a tapper.”
One of the Phonemasters (not identified and not charged for this particular crime) even hacked into the FBI’s National Crime Information Center (NCIC) computer. The NCIC computer houses all the criminal records for federal, state, and local law enforcement agencies.
Usually, a standalone system (i.e., one not connected to any network) is used to dial in and access the NCIC computer. But a local police chief had wanted access to the NCIC from his desktop, so it was connected up to the local area network (LAN) in the office of the police department. The problem was that a modem was connected to that LAN to service it remotely.
One of the Phonemasters worked as a technician for the service company. He would call the secretary and say, “Hey, we have to do maintenance on the LAN over the weekend, so leave it up and running.” And the Phonemasters would have access to the NCIC database throughout the weekend.