FBI lectures hackers at convention By Adam Steinhauer, Sunday, July 28, 1996 Las Vegas Review-Journal and Las Vegas Sun, B1 ---- The Spot the Fed contest, held annually as part of the DefCon Convention in Las Vegas, may not have been as challenging as usual this year. Some of the FBI agents who showed up Saturday actually gave a formal presentation. "There is a tremendous amount of talent and skill in this group here today," FBI Special Agent Andrew Black told the largely tattooed, long-haired and pierced group. He exhorted the mostly college-age men to use their computer skills constructively. "It's very easy to be cynical of the government and to be cynical of the American culture ... It's harder to build something that lasts." Many attendees of the DefCon IV convention -- this weekend's annual gathering of what is billed as "the computer underground" -- were more likely to fear Black, part of the FBI's computer crime unit in San Francisco, than to solicit him for advice. (Thus the annual contest with T-shirts as prizes for conventiongoers who identify undercover agents among them.) The security of computer networks, which the government and large corporations have come to rely on, is the main topic of conversation at DefCon, held this year at the Monte Carlo. Its organizers and some of its attendees have made reputations for themselves by violating those systems. Daniel Saito, a DefCon organizer and Southern California computer programmer, said his family paid fines when, at the age of 14, he hacked into the computer system of the telephone company and manipulated information. Today, at age 20, he says he has given up doing illegal things with his computer skills. Many of those at DefCon IV are young wannabe hackers, said Saito, who on the Internet goes by the name "Satan." A large number of corporate computer security experts also attended. A smaller number is probably really capable of hacking, but few will do real damage, he said. Most are only looking for a good time, through the challenge of cracking a difficult security system. "Basically, it's a drug," he said. "It's a psychosomatic, ego-driven drug. It gives them an adrenaline rush and keeps them up all night." Some hackers are capable of more than light fun, however. Black spoke of a recent case when a Russian man broke into Citibank's cash management computer system and wired $10 million to locations around the world, where partners picked up the money. The FBI broke the case, arrested the key players and returned most of the money. But some fear such incidents are likely to become more common. "There's going to be a total escalation" of computer crime against corporations, Jeff Moss, the founder and lead organizer of DefCon, said in a recent interview with Forbes ASAP magazine. Moss, and other computer security experts, have said most large corporations are vulnerable to having their systems breached by knowledgeable hackers. In the back of the meeting room at the Monte Carlo, a group of young men sat before laptops at a round table, playing Capture the Flag. In this game, competitors try to break into several secured network systems and write their names in a computer file inside. They also try to reprogram the systems to be more secure, ensuring that competitors don't remove their names from the flag file. Nearby, a security software company ran its own game as a promotion, offering $10,000 to any hacker capable of breaking into its system. A large number of corporate security experts also attended the conference. Steve Kirk, who helped run the main Capture the Flag game, described a relatively innocent motive for attending DefCon, repeated by other attendees. "Part of it's the atmosphere," said Kirk. "You've got all these people here who are really able to talk at a high level of knowledge. And one FBI agent said few attendees are doing anything criminal. "A small percentage of them give the rest a bad name. The term 'hacker' is not necessarily derogatory."