Who was Calvin Cantrell?
This article is from ZDNN (http://www.zdnet.com/zdnn/).
In a federal courtroom here, Calvin Cantrell stands
silently, broad shoulders slouched. His lawyer reads from a short
letter he has written:
"My parents taught me good ethics, but I have departed from some of
these, lost my way sometimes," the letter states. "I was 25 and living
at home. No job, and no future... . All I ever really wanted was to
work with computers."
Cantrell certainly did work with computers -- both
his own, and, surreptitiously, those of some of the largest companies
in the world. He was part of a ring of hackers that pleaded guilty
here to the most extensive illegal breach of the nation's
telecommunications infrastructure in high-tech history.
And sitting behind him in court as he was sentenced two weeks ago was
the accountant-turned-detective who caught him: Michael Morris. A
decade earlier, Morris, bored with accounting work, left a $96,000 job
at Price Waterhouse and enrolled in the FBI academy, at $24,500 a
year. Cantrell's sentencing was the final act in a five-year drama for
Morris, and secured his reputation as the FBI's leading computer
The tale of Morris and Cantrell is among the first cops-and-robber
stories of the New Economy, involving, among other things, the
first-ever use of an FBI "data tap." It illustrates how the nation's
law-enforcement agencies are scrambling to reinvent their profession
in a frantic effort to keep pace with brilliant and restless young
Unlimited potential for harm
The story also shows that hacking's potential harm is far more ominous
than theft of telephone credit-card numbers. Cantrell was part of an
eleven-member group dubbed "The Phonemasters" by the FBI. They were
all technically adept twentysomethings expert at manipulating
computers that route telephone calls.
The hackers had gained access to telephone networks
of companies including AT&T Corp., British Telecommunications Inc.,
GTE Corp., MCI WorldCom (then MCI Communications Corp.), Southwestern
Bell, and Sprint Corp. They broke into credit-reporting databases
belonging to Equifax Inc. and TRW Inc. They entered Nexis/Lexis
databases and systems of Dun & Bradstreet, court records show.
The breadth of their monkey-wrenching was staggering; at various
times, they could eavesdrop on phone calls, compromise secure
databases, and redirect communications at will. They had access to
portions of the national power grid, air-traffic-control systems and
had hacked their way into a digital cache of unpublished telephone
numbers at the White House. The FBI alleges, in evidence filed in U.S.
District Court for the Northern District of Texas, that the
Phonemasters had even conspired to break into the FBI's own National
Crime Information Center.
Unlike less-polished hackers, they often worked in stealth, and
avoided bragging about their exploits. Their ultimate goal was not
just fun, but profit. Some of the young men, says the FBI, were in the
business of selling the credit reports, criminal records, and other
data they pilfered from databases. Their customers included private
investigators, so-called information brokers and -- by way of
middlemen -- the Sicilian Mafia. According to FBI estimates, the gang
accounted for about $1.85 million in business losses.
"They could have -- temporarily at least -- crippled the national
phone network. What scares me the most is that these guys, if they had
had a handler, whether criminal or state-sponsored, could have done a
lot of damage," says Morris. "They must have felt like cyber gods."
Some may be still at large
With the exception of Cantrell, none of the defendants in the
Phonemasters case would comment on the matter. Others are thought to
remain at large. This is the story of Cantrell and two accomplices
largely put together from federal district court records and FBI
interviews. Morris first learned of the group in August 1994, when he
got a phone call from a Dallas private investigator, saying Cantrell
had offered to sell him personal data on anyone he wished. He even
offered a price list: Personal credit reports were $75; state
motor-vehicle records, $25; records from the FBI's Crime Information
Center, $100. On the menu for $500: the address or phone number of any
Morris immediately opened an investigation. Only 33-years-old at the
time, he had taken an annual pay cut to join the FBI just five years
earlier. He had been a tax consultant at Price Waterhouse, and
despised the work. "I was young and making the big bucks, but every
morning I would think 'God, I don't want to go to work.' "
Tall, square-jawed and mustachioed, Morris began working on
white-collar crimes when he arrived at the Dallas FBI field office. He
took on a few hacker cases and realized he liked the challenge. "These
guys are not the kind who'll rob the convenience store then stare
right into the security camera," he says. "Trying to be the Sherlock
Holmes of the Internet is hard when the fingerprints on the window can
be so easily erased."
Morris convinced the private investigator to meet with Cantrell while
wearing an audio taping device. After reviewing the tapes, he was
certain that he was onto something big. He applied for and received
court authority to place a digital number recorder on Cantrell's phone
lines, which would log numbers of all outgoing calls. It showed that
Cantrell frequently dialed corporate telephone numbers for AT&T, GTE,
MCI, Southwestern Bell and Sprint. Cantrell had also placed calls to
two unlisted numbers at the White House, which further piqued Morris's
So, late that summer, Morris took an unprecedented step. He began
writing a 40-page letter to the FBI's Washington headquarters, the
Department of Justice and the federal district court in Dallas.
Recording Cantrell -- now his central suspect -- while on the phone
wasn't sufficient for the job that faced him, he believed. Instead, he
needed new federal powers. He asked for Washington's permission to
intercept the impulses that traveled along Cantrell's phone line as he
was using his computer and modem.
"It's one of the hardest techniques to get approved, partly because
it's so intrusive," says Morris, who spent the next month or so
consulting with federal authorities. "The public citizen in me
appreciates that," he says. Still, the long wait was frustrating. "It
took a lot of educating federal attorneys," he says.
Once authorities said yes, Morris faced another obstacle: The
equipment he needed didn't exist within the FBI. Federal investigators
had experimented with a so-called data-intercept device only once
before in a New York hacker case a year earlier. It had failed
Morris and technicians at the FBI's engineering lab in Quantico, Va.,
worked together to draft the specifications for the device Morris
wanted. It would need to do the reverse of what a computer's modem
does. A modem takes digital data from a computer and translates it to
analog signals that can be sent via phone lines. Morris's device would
intercept the analog signals on Cantrell's phone line and convert
those impulses back to digital signals so the FBI's computers could
capture and record each of a suspect's keystrokes.
Alerting the victims
While waiting for the FBI to fit him with the proper gear, Morris
contacted several of the telephone companies to alert them that they
had been victimized. The reception he got wasn't always warm. "It's
kind of sad. Some of the companies, when you told them they'd had an
intrusion, would actually argue with you," he said.
GTE was an exception. Morris discovered that Bill Oswald, a GTE
corporate investigator, had opened his own Phonemasters probe. Oswald
and Morris began working together and uncovered another of Cantrell's
schemes: He and some friends had managed to get their hands on some
telephone numbers for FBI field offices. They entered the telephone
system and forwarded some of those FBI telephones to phone-sex chat
lines in Germany, Moldavia and Hong Kong. As a result of the prank,
the FBI was billed for about $200,000 in illegal calls.
Morris also learned that on Oct. 11, 1994, Cantrell hacked GTE's
computer telephone "switch" in Monticeto, Calif., created a fake
telephone number and forwarded calls for that number to a sex-chat
line in Germany. The FBI isn't sure how Cantrell convinced people to
call the number, but court records show that Cantrell received a
payment of $2,200 from someone in Germany in exchange for generating
call traffic to the phone-sex service.
In early December 1994, Morris's "analog data-intercept device"
finally arrived from the FBI's engineering department. It was a
$70,000 prototype that Morris calls "the magic box."
On Dec. 20, Morris and other agents opened up their surveillance in an
unheated warehouse with a leaky roof. The location was ideal because
it sat between Cantrell's home and the nearest telephone central
office. Morris and nine other agents took turns overseeing the wiretap
and data intercepts. The agents often had to pull a tarp over their
workspace to keep rain from damaging the costly equipment.
Read the entire article here
There's also an interesting documentary about Kevin Mitnick:
Freedom Downtime: Story of Kevin Mitnick