WZ: Hi I’m Wendy Zukerman and this is Science Vs from Gimlet Media… the show that pits facts against … floppy disks…against Federal Crimes… computer Fraud… …
JW: Stop!! These are all terrible…
WZ: Files… Like Computer files… what about FBI…
JW: Science VS Computer files… Really?? Please stop… Please stop...
WZ: Alright!... You want to introduce yourself?
JW: ok ok! Hi I’m Joel Werner. I make a podcast called Sum of All Parts.
WZ: Joel is a science journalist from Australia… he’s a great friend of mine …
WZ: and the reason Joel is here today…is because he’s been working on this crazy story… about the earliest days of hacking… And by the way this story has a few naughty words…
JW: It's from a time that's sort of like the dark ages of the internet..
WZ: The tale we’re gonna tell you is about an underground group of nerds who cobbled together their computers from bits of gear they found in the trash - and yet… they became the some of the most infamous hackers of their day… creating one of the world’s first international hacking scandals… But our story actually starts with a different set of nerds … nerds that had a ton of fancy, high-tech equipment … the best in the world: NASA.
We have auto set…
it was a huge project, but it had also gotten to be really controversial…
Good afternoon. At Cape Canaveral they are go for a long space shuttle Atlantis
JW The launch of the Galileo space probe wasn't supposed to be controversial.
The shuttle and it’s s five astronauts will deploy Galileo an unmanned space vehicle that will fly to Jupiter.
JW: But the controversy surrounding the launch was because Galileo was a nuclear-powered spacecraft
WZ: Wait… so why was that controversial?
JW: Well, People were worried that if the spacecraft exploded then it would spew radioactive fallout
WZ: Really? ..
JW: Yeah yeah you’ve got to remember this is 1989 this is the last days of the Cold War… so people were freaking out about nuclear - anything. And it’s only a few years after the Challenger Disaster. So NASA doesn’t exactly have a perfect record here..
SD: The scientists would come in the morning and put down their cup of coffee and sit down and try and log in
and they would find that instead of all their scientific data or their normal work there was a screen that would appear. That said your system has been Wanked.
WZ: WHHHHATTT? Your system has been WANKED?
JW: I know! It’s amazing right? so Wanks an acronym: for Worms Against Nuclear Killers… wank …
WZ Worms Against Nuclear Killers, that’s the lamest acronym I’ve ever heard they clearly wanted to say the word wank
JW: BUT this was actually part of the Galileo protests  So outside you had the physical protesters outside the Kennedy Space Center, and inside online, in the NASA system you had the WANK Worm, and it kind of freaked NASA out - for good reason. Because the thing about computer worms… is they’re kind of like computer viruses… except they spread on their own.…… and this had the potential to cause a lot of damage. Here’s Suelette
SD: So this worm was a self propelling bit of software that would in fact hop from machine to machine network to network and would get out and basically spread by itself. So this was very alarming and it started affecting first dozens and then hundreds and thousands of machines.
JW: And so the worm was spreading…wriggling beyond NASA. You see NASA network is connected to the U.S. Department of Energy CERN in Switzerland and the RIKEN accelerator facility in Japan. The WANK worm had gone international.
And this worm wasn’t just telling people their computer had been wanked… It told people that their files were getting deleted . There’s a doco about this called In the Realm of the Hackers where they interviewed a NASA guy from back then and this is how he describes it
John McMahon: What happened initially was there was a lot of phone calls going back and forth and a lot of confusion there were different things you would see depending on what the worm was trying to do to your machine. It would say hi I’m deleting all your files and start listing your files… saying delete delete.
JW: In the end NASA realised that the Wank Worm wasn’t actually deleting files… it just told people that it was. The Galileo launch went off without a hitch. But even so -- this was hardly benign. The worm took weeks to get under control -- it’s estimated that it cost NASA half a million dollars in wasted time and resources. All for what seemed to be an anti-nuclear protest … but still… in a weird way this was groundbreaking …
JW: Yeah, get that right… this is world’s first hack with a political message.
WZ: That’s crazy… when you think about people hacking for political purposes these days, it’s everywhere… these groups can basically get into anything they want
They allegedly breached government websites, major financial services, law enforcement…
people are saying Russian hackers influenced the US elections…
12 Russian Intelligence Agents hacked the Democratic party in 2016…
The Russian Hacked Computers of the Democratic Party Organisation.
And yet, one of the earliest hacks like this ... basically ground zero for hacktivism ... was this dinky little WANK worm!
JW: Every journey starts with a solid wank worm.
JW you gotta remember, back in the 80s, computer worms were really new, not many people would have seen anything like this before.
Now once NASA figured out how to stop the worm wanking .so to speak.. they wanted to know where the hell it came from.
SD: The French secret service had investigated where some of these connections were coming from because I think they were worried that the American investigators were going to pin this on them because some of the connections had gone through France but they were able to trace connections back to Australia.
JW: Australia….? Why would any Australian care what NASA was doing? …But… There was something else that tied this to Australia. Hidden in plain sight on that screen that said “your system has been officially wanked”... was also a cheeky reference to something very Australian.
SD: Also in the WANK worm was a banner that had appeared in infected machines and there's a quote at the bottom that said you talk of times of peace for all and then prepare for war
and no one knew where this was from. You know that some sanctimonious worm writer who’s has hacked this and sent it out there
JW: you talk of times of peace for all and then prepare for war?? The FBI had no idea where this came from… but then, a computer expert in Australia figured it out…In fact it was Dr Suelette Dreyfus flipping through her records collection and put 2 and 2 together.
SD: So is it from a midnight oil song from a fairly obscure album called species deceases.
But of course that was the political message. And that is in a sense what made this worm so special and unique was not just that it could jump from network to network it was that it contained a message an idea it was trying to spread.
WZ: OH man!!! It’s from a Midnight Oil song??? That’s so Aussie...
JW: Maaattee matee…
WZ: Ok.. ok.. so for the uninitiated…Midnight Oil is a huge Aussie band… particularly in the 1980s… Americans might know them for Beds are Burning .. do it with me…
JW: How do you sleep when our beds are burning?
WZ: But seriously though.. I can’t believe this was hackers in Australia in 1989??? Did Australia even have internet back then?
JW: Like just barely… Australia’s internet was switched on just four months before the NASA hack, in June 1989 …
WZ: That’s amazing four months! We had the internet! And we were breaking into NASA?
This guess to show that we can’t have nice things to play with.
JW: Yeah totally
WZ: So that’s all it took 4 months of being connected. And Australian hackers were breaking into NASA… After the break… who did this… and will they get caught?
SD: At that point, whoever was responsible had emerged in a kind of hazy silhouette from the
forest, but not clear enough to make out who it was, and then they slipped back among the
Welcome back… We’ve just heard the story of how in the 1980s hackers infected NASA with a worm that became known as the WANK worm. An electronic trail of clues… and a very cheeky Midnight Oil reference suggested Australians were behind it. And it was the really early days of the Aussie internet … Reporter Joel Werner is telling us the story from here…
JW: Right so it turns out that it only took a few months for a bunch of newbie hackers to start causing some serious shit to go down. And if you were looking for hackers in Australia in 1989 Melbourne was a great place to start. The city was a bit of a tech hub, and alongside it: a fringy punk tech community was starting to take shape …This is Dr Suelette Dreyfus again … and she wrote a book about these hackers.
SD: This early underground scene was comprised of a real mix of people. At heart, there
were people who were explorers, explorers on the frontier of technology, explorers on using
computer networks to talk and communicate with people in other countries, to learn
information. A lot of them turned to semi-legal activities breaking into university systems, telecom systems, not so much because they were criminals but because they couldn’t otherwise get access to this incredible technology that they knew existed.
JW: They did whatever they had to do to get their hands on the latest technology. There was a real sense of DIY in this scene.
SD: so they would go dumpster diving on the weekend they would go to both private companies and telecom and they would go the garbage dumps out the back and they would open them up and crawl inside and trawl around in the trash in order to find the manuals or bits of hardware that might have been discarded. These were absolute treasures they were like gold.
JW: A vibrant tech counterculture was fast evolving online, and its members would interact in primitive text only chat rooms called BBSs or bulletin board systems … Now, these BBSs became really important. It’s where hackers would meet to talk strategy. For the hackers this was their war room.
SD: One of the key things here is that no one's using the real name. people were using handle's and that was a relatively new thing. They would run this literally out of their bedrooms like at the end of their bed would be a table with his computer and a set of modems hooked up. And then they would basically log on to leave messages for people with similar interests and that was extraordinary people didn't have that before.
JW: But like all cliques these bulletin boards had fringes and they had an inner sanctum.
But then there were the back rooms the back rooms you know the gambling rooms the smoking rooms and in these rooms selected groups of people would trade in the currency of this new community and that was information.
JW: And at the back of the back of the most exclusive rooms was a hacker collective known as The Realm.
SD: The Realm traded information between the hackers who were in it but the hackers who were in it also traded in shared information with overseas hackers.
Julian Assange is the most high profile former member of The Realm. But at the time its best and brightest were two teenage boys, with the handles Phoenix and Electron.
SD: So Phoenix is arrogant and clearly intelligent but a braggart pretty extroverted. He is very cocky and sure but also pushy in a way that advances their explorations. Electron is very wry quietly spoken, holds things close to his chest but very technically adept, very willing to tap tap tap until you actually get through the other side.
JW: Already stars of the local hacking saying Phoenix and Electron began working around the clock trading information and techniques with the elite hackers of Europe and the U.S.
SD: There was definitely an attitude with the top hackers in other countries that the Australians were really serious players. If you said you were an Australian hacker you got a bit of respect. And it was in part because of these guys.
Joel: Which takes us back
<<we have ignition and liftoff of
to NASA... and the Galileo spacecraft
the Galileo spacecraft bound for Jupiter>>
WZ: So it was Phoenix and Electron who infected NASA with the WANK worm?
JW: Well… we know it was Australians who did it … and these two were among the sharpest hackers going around In Suelette’s book, which by the way, she worked on with Julian Assange and they interviewed a bunch of the hackers from this time, including Phoenix, and Electron.. And … and in it she describes a scene with Electron dancing around the dining room table chanting, ‘I got into NASA! I got into NASA!’ …
WZ: oh man
JW: Yeah I know - it would seem to suggest, maybe, that he was behind it… but no one’s was ever actually arrested for the wank worm hack specifically…
WZ: Riiight… ok… so they are looking very suspicious…
JW: Yeah… we don't know for sure it was them, although we can heavily suspect ..
JW. but from here, the plot thickens even more. because Phoenix and Electron are about to REALLY up their game that happens when they get their hands on .. Zardoz. This was an online newsletter that described all kinds of cybersecurity vulnerabilities …
SD: Zardoz was a kind of a holy grail for the hackers. Zardoz was where they would share security holes that they found for networks, for systems. And this gives you access not just to one system but to all the systems running that technology, it is a master key. and it was actually the name was taken from a science fiction cult film which starred Sean Connery.
FILM CLIP: Zardoz Zardoz Zardoz He's the only path and passage into the vortex. Zardoz.
JW: With Zardoz only can you get into a network you can essentially take control of the network.
SD: That kind of power is immense and giddying it was absolutely getting to these late teens early 20s. Boys often many of whom had never left Australia, had never owned a passport, to have that kind of access is incredible.
JW: And of course being bored teenage trapped in the suburbs, egging each other on, they start using this power they go on a rampage breaking into a high profile network after high profile network. And there’s no signs of slowing down…
SD: They've been penetrating systems at Los Alamos National Labs, Harvard University Digital Equipment Corporation, Bell Systems, University of Texas. You know it's a long list of prestigious institutions and now going for the small Fred's backyard pool digging service. They want to go for the big guys.
JW: Now with Zardox and all the vulnerabilities … Phoenix and Electron started hacking into heaps of computers, and really quickly… back to back, hack after hack, so much so that people thought there must have been another worm on the loose…automatically spreading from computer to computer.… That’s how The New York Times reported it in March 1990... Phoenix read about it… and loved that his work was getting written up in the Times.. But also kinda pissed that his hard work hacking into places was being attributed to some worm. And.. this moment was the beginning of the end for Phoenix and Electron.
SD: Phoenix calls up the reporter of The New York Times and brags to him. Brags to him about the fact that no it's not a worm breaking into these machines. It's actually people - not a rogue program. It's people.
John Markoff at The New York Times wrote an article based around his conversation with Phoenix and it made the front page.. And Phoenix was super excited by this.
SD: Phoenix is at this stage saying to Elektron what do you think we can make the cover of Time or Newsweek in Electron’s kind of head slapping going really. What is this guy on about? And so that's where in a sense it starts to go particularly pear shape because electron is horrified to know that Phoenix has done this. He's a low key kind of a guy he wants to stay a low key kind of right and he wants to stay out of prison. So he actually packs up his modem at that stage and gives it to his father and says hide the modem from me so I can't log on he is successful in finding the modem. It takes him I think a couple of days and there it goes plugged back into the wall and he's off and running again.
And while all this was happening… the police are also closing in. That front page article in the New York Times?… Well that got the FBI’s attention and they started hassling the Australian Federal Police… or AFP to do something about these hackers.
The FBI is calling the AFP and saying do something about these noisy hackers!! And that's when it all begins to become unraveled.
JW: Initially at least, it looked like the AFP would have no chance of catching the hackers… they didn’t know much about computers. I mean they were still using typewriters in the late 1980s! And there was also a bit of cultural disdain for cybercrime from within the police force - one cop from the time said, funnily enough, that cybercrime was considered to be - and I quote- “a bit of a wank”..
SD: It's funny the irony of this, both the AFP and the early hacker community were in a sense financially impoverished they couldn't just go out and buy lots of equipment they had to completely improvise. I know the AFP had to beg borrow and steal equipment from financial institutions, from other organisations. Could we borrow this? Can we have your old gear that you're throwing out. I mean they were all but dumpster diving themselves and pleading can we just have that for month so they could experiment with it.
JW: When the AFP decided to get serious about cybersecurity they had to rethink the way they gathered evidence. Basically - they had to link what was happening online with the real people that were doing it. And this was all so new that no one really knew how to do it.
SD So they actually developed this high speed modem tapping capability and it one of the first in a criminal investigation.
JW: Phoenix and Electron never saw it coming. In those final weeks these hackers of their generation grossly underestimated just how close the police were getting.
SD the AFP had tracked down The Realm hackers and they were watching and ready to pounce. And they needed to wait until they had gathered enough evidence and get in and get them
JW: And get them. They did.
SD Electron who has been hacking to late at night and he gets up to go use the loo, have a wee in the wee hours of the morning and the lights go out for reasons he couldn't figure out. And then all of a sudden. The police are bursting through his doors or his window coming into his room. Throwing him down on the floor. His father was I think completely surprised by the raid. I mean he had some inkling that his son was up to a bit of mischief, but not the kind of mischief that would see a half a dozen police officers raining down on the house in the middle of the night. Not like that. And it's funny because some of the hackers thought that they would be mentally prepared. I used to joke debate with the mentally prepare for when the cops came but I think none of them were
JW: On April 2nd 1990, less than a year after Australia first connected to the Internet, Phoenix and Electron were arrested. And they were charged with getting unauthorised access to computers in the US and Australia .. In court they both pleaded guilty but - kind of remarkably - avoided jail time -- getting several hundred hours of community service each.
While Julian Assange graduated from The Realm to create WikiLeaks and for better or worse and yknow come to dominate the international spotlight. Both Phoenix and Electron retired from the world of hacking and effectively disappeared.
WZ: Really? No one knows who they are?
JW: I tried to track them down, I talked to a bunch of people who were there at the time… but it was a series of dead ends, all I could figure is that if people this skilled at Computer Science want to disappear they can, just kind of disappear.
WZ: So what do you make of this whole story, this endeavour? What’s the aesop moral to this fable?
JW: Does it have to have one? I don’t know. I understand that what they did and the way they did it has ramifications that reverberate 30 years later, but I also think this is the story of bored teenagers in suburban Australia, and I was that kid, I grew up in the suburbs, in the 1980s, so you just do stupid shit to keep yourself entertained, my stupid shit was throwing rocks in windows in abandoned buildings, their stupid shit was breaking into NASA yknow?
WZ: And now that the internet has evolved to being so much more than it was then… bored and smart kids… they can so many break so many windows …
JW They can break Windows 95, 98…
WZ It’s stressing me out!! how can we dance when our earth is turning?
WZ + JW: HOW DO WE SLEEP WHEN OUR BEDS ARE BURNING.
CREDITS: Wendy to record later…
That’s Science Vs
A version of this episode first played on Joel’s podcast Sum of All Parts -- which is amazing! And you need to subscribe now!! Sum of All Parts. It's a show produced out of the Australian Broadcasting Corporation. And a new season will be out in early 2019. For now my favourite episodes were episode 7.0 The sound of seizure. Links will be in our show notes, along with a transcript -- full of citations.
The original story was produced by Joel Werner.
Science Vs is me, Wendy Zukerman, Rose Rimler, Meryl Horn and Odelia Rubin. Our senior producer is Kaitlyn Sawrey. We’re edited by Blythe Terrell. Mixed and sound designed by Emma Munger. Music written by Emma Munger and Bobby Lord. Our fact checker is Michelle Harris. A huge thanks to Alex Goldman, Jason Scott, Chris Avram, Prof Graham Farr, Barbara Ainsworth, the Zukerman Family and Joseph Lavelle Wilson.
Next week… we’re exploring… transgender…can science help us understand what makes us the gender that we are?
Nope I’m not going to be a mother, I’m going to be a father. He looked at me and went ok, if you work hard you can be whatever you want to be.
I’m Wendy Zukerman, fact next time.
 Total from start of planning through end of mission was $1.39 billion. International contribution estimated at an additional $110 million
 [Explanation of worms v viruses, as was understood in the early 1990s]: Viruses and worms are self-replicating, but Trojan horses are not. Viruses attach to other programs or data files, whereas worms and Trojan horses are autonomous. Viruses and Trojan horses are spread by user actions, but worms do not require user action to propagate and execute.
 SD convo, 12.4, goes through network on its own
 Page 38 of Underground, Suelette’s book: Each of those computers might have had 100 or more users. Figures were sketchy, but virtually everyone on the network--all 270,000 computer accounts--had been affected by the worm
 The startup file would also print "OOPS!" and show output that appeared to delete all files in the user's account. This code would not actually delete files, but would make it appear as if it had.
 When a user logged in and saw what looked like a complete deletion of the files, the first command executed was usually the directory command (to be sure the files were gone). The damage caused by this particular "joke" was to cause frightened users to restore files in the account from a backup, completely erasing the current files in the directory.
 Took weeks to eradicate and cost NASA $500,000. https://calhoun.nps.edu/bitstream/handle/10945/37808/cybersecurity_summit_CyberConflict-Denning.pdf;sequence=1
 “By [John] McMahon’s estimate, the WANK worm had incurred up to half a million dollars in costs. Most of these were through people wasting time and resources chasing the worm instead of doing their normal jobs.” https://suelette.home.xs4all.nl/underground/Underground.pdf
 "one of the first-recorded acts of hacktivism" http://jolt.law.harvard.edu/articles/pdf/v27/27HarvJLTech301.pdf
 According to article by Julian Assange, “Real hacktivism is at least as old as October 1989 when the US Deptartment of Energy and NASA machines world wide were penetrated by the anti-nuclear WANK worm. https://web.archive.org/web/20080419071903/http://www.counterpunch.org/assange11252006.html
 WANK worm also earliest example mentioned here: “A good example of early hacktivism is “Worms Against Nuclear Killers (WANK)” https://www.georgetownjournalofinternationalaffairs.org/online-edition/the-rise-of-hacktivism
 “The winding electronic trail pointed vaguely to a foreign computer system and, before long, the US Secret Service was involved.”... NASA had established the French connection from some computer logs showing NASA under attack very early on Monday, 16 October.
 French secret service said “our investigations reveal incoming X.25 connections from elsewhere which coincided with the timing of the development of the WANK worm. The connections came from Australia.” [Underground]
 On June 22, 1989, in Hawaii (June 23 here in Australia), a TCP/IP connection was opened to the University of Melbourne. . Also described here
 Pages 206 and119 of Underground, Suelette’s book: Passionate about his new calling, Trax went trashing in Telecom garbage bins, where he found an MFC register list--an invaluable piece of his puzzle… and “Gavin introduced Force to trashing….”
 Suelette Dreyfus confirmed (and Julian Assange was her research assistant)
 Before he graduated from school in 1987, Electron had hacked NASA, an achievement which saw him dancing around the dining room table in the middle of the night chanting, ‘I got into NASA! I got into NASA!’ He hadn’t moved any satellites, but getting into the space agency was as thrilling as flying to the moon."
 In January 1990, Electron turned his attention to getting Zardoz… After Phoenix was satisfied Zardoz was safe, he rang Electron just before 4 a.m. with the good news. By 8.15, Phoenix had downloaded Zardoz from the Texas computer onto his own machine. By 1.15 p.m., Electron had downloaded it from Phoenix’s machine to his own.
 Quoted in an interview with Police “It’s just a kick of getting into a system. I mean, once you’re in, you very often get bored… it’s a challenge.. That’s basically it, the challenge and the ego boost”
 page 158 of Underground, “Among the institutions believed to have been penetrated by the intruder [Phoenix] are the Los Alamos National Laboratories, Harvard, Digital Equipment Corporation, Boston University and the University of Texas.”
 “A computer intruder has written a program that has entered dozens of computers in a nationwide network in recent weeks, automatically stealing electronic documents containing users' passwords and erasing files to help conceal itself…. Once it gains access to a computer, it tries to steal a specially coded file containing passwords and copy that file to another computer, where it can decode the passwords.” https://www.nytimes.com/1990/03/19/us/computer-system-intruder-plucks-passwords-and-avoids-detection.html
 The intruder has not used a ''worm'' or a ''virus,'' a program that copies itself between computers and destroy files or overload the system. https://www.nytimes.com/1990/03/21/us/caller-says-he-broke-computers-barriers-to-taunt-the-experts.html
 “Most of the colleagues, most of the people at my level thought it was a bit of a wank, that I should be out there investigating real crime” Discussed by Detective Superintendent Ken Hunt here, also discusses borrowing and asking banks for equipment: https://youtu.be/0UghlW1TsMA?t=1444
 He faced fifteen charges, most of which were for obtaining unauthorised access to computers in the US and Australia. A few were aggravated offences, for obtaining access to data of a commercial nature.
 Wisconsin “The Post-Crescent” from April 2, 1990 https://www.newspapers.com/image/289902977/?terms=%22phoenix%22%2B%22electron%22%2B%22hacker%22%2B%22Australia%22
 ‘I formed the view that a custodial sentence is appropriate in respect of each of these offences because of the seriousness of them,’ Judge Smith noted, ‘and having regard to the need to demonstrate that the community will not tolerate this type of offence. ‘Our society today is ... increasingly ... dependent upon the use of computer technology. Conduct of the kind in which you engaged poses a threat to the usefulness of that technology ... It is incumbent upon the courts ... to see to it that the sentences they impose reflect the gravity of this kind of criminality. … The judge paused, then continued, ‘And ... I direct, by order, that you be released forthwith upon your giving security by recognisance ... in the sum of $500 ... You will not be required to serve the terms of imprisonment imposed, provided you are of good behaviour for the ensuing six months.’ He then ordered Electron to complete 300 hours of community service, and to submit to psychiatric assessment and treatment.
 Page 197 of Underground: But after much reflection ... I have concluded that an immediate term of imprisonment is unnecessary Relief rolled across the faces of the hackers’ friends and relatives as the judge ordered Phoenix to complete 500 hours of community service work over two years and assigned him a $1000 twelve-month good behaviour bond.