Pride Caused Crash Of Computer Hacker, Federal Officials Say / San Diego expert helped set up the perfect trap


Susan Sward, Jim Doyle, Pamela Burdman, Chronicle Staff Writers

In a courtroom in Raleigh, N.C., a 31-year-old man with shoulder-length brown hair will stand in handcuffs today and hear prosecutors argue that he should not be freed on bail because he is the world's most wanted computer hacker.

California-reared Kevin D. Mitnick could face 35 years behind bars and a $500,000 fine if convicted of the two federal charges against him -- computer fraud and illegal use of a telephone access device.

At the hearing before U.S. Magistrate Judge Wallace Dixon, prosecutors will say Dixon should keep Mitnick behind bars until his trial.

Mitnick is painted as ``a very big threat'' by law enforcement because of the abilities he has honed since he first got into trouble at Monroe High School in Los Angeles by tapping into the Los Angeles School District's computers.

Mitnick's enormous pride in his skills at a computer keyboard helped trackers snare him early Wednesday in the small apartment he rented near the Raleigh-Durham airport, according to law enforcement and computer industry sources.

Sought by FBI agents for the last two years for a probation violation, Mitnick triggered the series of events leading to his arrest when he broke into the home computer of one of the nation's foremost computer security experts, Tsutomu Shimomura of San Diego, on Christmas Day, authorities say. From that day forward, Shimomura made it his personal business to catch the thief.

The affidavit filed in Raleigh cites ``the attack'' on the system owned by the 30-year-old Shimomura. The affidavit also cites entries into the systems of two Internet service providers, the Sausalito-based WELL and the San Jose-based Netcom Communications Inc.

Sources familiar with the case said Mitnick's booty included ``thousands of credit card numbers, including those belonging to some of the wealthiest people in Silicon Valley.''

The publicity over Mitnick's arrest and the apparent magnitude of his electronic pilfering set off a flurry of debate yesterday over the lack of security on the Internet network.

``Putting a credit card number on the Internet right now is like leaving your door open in a high crime neighborhood,'' said Jim Bidzos, whose Redwood City company RSA is one of the nation's top computer security businesses.

Major Internet companies that want businesses to use the network to sell products have been scrambling for ways to secure credit card transactions and company computers from hackers, but ``the systems are very permeable now,'' said Eugene Spafford of Purdue University.

``A lot more energy is going into convincing companies to get consumers to use the network to buy products than is going into protecting themselves and their customers from people hacking the systems,'' he said.

Nowhere in the government's 10-page affidavit is Mitnick named, and nothing is told of the road the unemployed computer programmer traveled before ending up behind bars.

The turf where Mitnick operated was the Internet, a global web of computer networks used by about 20 million customers. Prosecutors will not say how many people he victimized, but they say he was stealing information worth more than $1 million.

To his detractors, Mitnick is a computer terrorist, a man of no conscience. To others who have defended or counseled him, he is a man who looks at hacking as the ultimate challenge -- ``It's Mount Everest -- because it's there,'' as one of his lawyers put it.

The son of a waitress in the San Fernando Valley, Mitnick first got into trouble with the law in 1981 when he was placed on probation for stealing computer manuals from Pacific Bell.

A year later, he and a friend broke into a computer used by the North American Air Defense Command, and in 1989 he was sentenced to serve one year at the low-security federal facility at Lompoc after he was convicted of stealing $1 million in software from Digital Equipment Corp. When he disappeared in November 1992, FBI agents searched his home with a warrant stating he had been breaking into telephone company computers.

Federal agents had hunted Mitnick ever since, but it was not until the electronic theft from the computer at Shimomura's beach cottage that the case slowly began cracking open, sources said.

HOW TRAP WAS LAID

Using monitoring posts first at the WELL in Sausalito and then at Netcom in San Jose, Shimomura made it his business to catch the thief who raided his files. By last Saturday, Shimomura had concluded that Mitnick -- notorious in the computer world -- was the man he wanted.

Using a software tracking method of his own, Shimomura -- who works for a federally financed computer research center in San Diego -- pinpointed Mitnick's whereabouts to somewhere in Raleigh. By Sunday, he was on a flight to the Raleigh-Durham International Airport, and by early Monday morning -- working with local telephone company officials and federal agents -- Shimomura helped nail down the intruder's location even more precisely -- a 12-unit apartment complex north of Raleigh.

After a 24-hour stakeout, the FBI arrested Mitnick.

ELECTRONIC MANHUNT

Interviews with law enforcement and industry sources close to the case provide a picture of how an intensive, electronic manhunt brought Mitnick down:

Internet devotees were first put on guard about the security threat last month after Shimomura told a Northern California computer conference about the theft of his files, and the Pennsylvania-based Computer Emergency Response Team issued an on-line alert.

Several days later, Mitnick left more tracks when he broke into a ``Computers, Freedom, and Privacy'' account set up by activists who oppose government intrusion into the computer world. His presence in that account at the Sausalito-based WELL was noticed by the staff on January 27 during a routine scan designed to find over-stuffed accounts.

By last week, federal investigators were camped out with industry engineers at control rooms at both the WELL and Netcom, monitoring the hacker's every on-line move.

Each time the hacker logged onto the system, alarms went off and telephones rang.

``He developed a pattern, and that's what led to his capture,'' said Netcom CEO Bob Rieger, who said his staffers eventually could predict when Mitnick was about to log in.

After Mitnick was arrested, Shimomura described what he thought of Mitnick's techniques. He told one reporter: ``He's very sloppy. It was just a matter of figuring out where he was. . . . It was very much a deductive process.''

In a Raleigh courtroom at a prearraignment hearing, two men with shoulder-length hair -- computer sleuth Shimomura and computer fraud defendant Mitnick -- finally met face to face for the first time, according to the New York Times.

``Hello, Tsutomu,'' Mitnick said. ``I respect your skills.''

Shimomura nodded.


DAY: FRIDAY

DATE: 2/17/95

PAGE: A1

© 2/17/95, San Francisco Chronicle, All Rights Reserved, All Unauthorized Duplication Prohibited

