Netcom Announcement Regarding the Arrest of Kevin Mitnick
<< BACK
Newsgroups: netcom.announce,netcom.general,netcom.netcruiser.announce,netcom.netcruiser.announce
Path: ix.netcom.com!netcom.com!nc0014
From: CEO Bob Rieger <bobr@netcom.com>
Subject: Letter from NETCOM CEO Bob Rieger to customers
Message-ID: <nc0014D44vDK.9tJ@netcom.com>
Followup-To: netcom.general,netcom.netcruiser.general
Sender: nc0014@netcom20.netcom.com
Reply-To: nc0014@netcom.com
Organization: NETCOM On-line Communication Services, Inc.
X-Newsreader: TIN [version 1.2 PL1]
Date: Fri, 17 Feb 1995 07:27:19 GMT
Approved: nc0014@netcom.com
Lines: 105
Xref: ix.netcom.com netcom.announce:201 netcom.general:50516 netcom.netcruiser.announce:11
NETCOM HELPS PROTECT THE INTERNET
- A Letter from CEO Bob Rieger to Our Customers -
I know many of you are interested in NETCOM's involvement with the
arrest
of Kevin Mitnick, and how this may impact you, if at all, as a
NETCOM
subscriber. First, let me supply a chronology of events:
1. In a routine security check, NETCOM discovered a misappropriated
file.
As a result, we began an investigation to trace what appeared to
be a
security breach.
2. At about the same time, the WELL (a small Sausalito-based on-line
provider) was investigating an account with an unexpectedly large
amount
of disk usage. In the course of this investigation, they discovered
suspicious material which included items believed illicitly obtained
from
well-known network security expert Tsutomu Shimomura's computer.
Mr. Shimomura performed network monitoring at the WELL, and determined
that
the account was being accessed from a number of sites, including
NETCOM.
3. The WELL contacted NETCOM for assistance in tracking the source
of the
security breach.
4. A day or two later, the FBI contacted NETCOM and requested NETCOM's
active involvement in the broadening investigation of the suspicious
activities at the WELL.
5. NETCOM caucused with representatives of the WELL, the FBI, the
U.S.
Attorney's Office, Mr. Shimomura, and Julia Menapace (an independent
computer consultant and associate of Mr. Shimomura).
6. Following the conversation, it was decided that the best vantage
point
for further tracking of these activities was NETCOM's Network Operations
Center.
7. NETCOM operations staff joined their efforts with Mr. Shimomura
and
his associates to trace the suspect intrusions to a particular
telephone
modem in NETCOM's Raleigh, N.C. site.
8. At that point, the U.S. Justice Department subpoenaed the local
telephone carrier for records of dial-ins at specific times to
this
modem. It became apparent that the telephone company's switch equipment
had been compromised, so that these records could not be obtained.
However, the Justice Department found another method for making
a match.
9. With this information, the Justice Department knew the approximate
location of the originating call.
10. Mr. Shimomura flew to Raleigh and used cellular tracking equipment
to
locate the apartment building the calls were coming from. Eventually,
the
calls were traced to an individual apartment, and Mr. Mitnick was
arrested.
I hope this detailed recounting helps explain the necessity for
silence
and discretion on NETCOM's part while the investigation was ongoing.
Similarly, we need to be appropriately discrete during the
continuing investigation of Mr. Mitnick's alleged illegal activities.
While respecting these legitimate restraints, we will provide
as much information as possible on a timely basis to you. (As an
aside,
you may have noticed that I recently promoted Mr. Kael Loftus to
the
position of Customer Liaison. Mr. Loftus has already proven
very
helpful in facilitating communication between our customers and
NETCOM.)
There has been some concern expressed about the security of NETCOM
customers' credit card numbers. While this incident may have involved
the
duplication of some credit card numbers, this would apply only
to UNIX
shell accounts. NETCOM has always made system security its top
priority,
but every UNIX system has loopholes that can potentially be exploited
by
an expert cracker. However, to provide additional security for
our UNIX
accounts, we have further isolated these customers' billing information,
including credit card data. This is why the "ccupdate" feature
for the
UNIX shell accounts has been disabled, and why the "quota" program
currently says,"Your account balance is temporarily unavailable."
These
features will be reinstated when we are able to do so in a secure
fashion.
As a practical matter, at this time we have absolutely no indication
that
any of our UNIX shell customers' credit card numbers have been
used
illicitly.
Naturally, we encourage all customers to check their credit card
billing
statements carefully. If there is any hint of inappropriate billing,
this
should be brought to the immediate attention of the credit card
issuer
for reversal of those charges.
The incident did not involve NetCruiser accounts, which make up
the vast
majority of NETCOM accounts. Fortunately, the security firewalls
built-in
to NetCruiser's system architecture makes such a compromise far
more
difficult.
The big story in all of this is that the Internet is maturing into
an
extraordinarily efficient means of communication that millions
of people
use and depend on daily. NETCOM will do everything in its power
to help
assure the security of our network. We will spend the money and
employ
the technology, but deterrence is our real goal.
Common thieves should know that NETCOM will be ever vigilant in
seeking
their identification and prosecution.
--
"THOSE WHO WOULD LEAD MUST SEEK TO SERVE."
__________________________________________________________________________
Kael Loftus, Customer Liaison
NETCOM On-line Communications, Inc.
nc0014@office.netcom.com
24-hour Tech Support: 408-983-5970
Return to TAKEDOWN
Return to Books that Stack
Return to NoobowSystems Lab. Home
http://www.noobowsystems.org/
Nov. 27, 2000 Page Created.
Aug. 17, 2002 Reformatted.