 Speaker is a historian and she is rolling back time for us 30 years through the very beginnings of the Chaos Computer Club and taking a closer look at The KGB hack the infamous KGB hack and what Carl Koch did back then So let's journey back to the 80s with Anya Dreyfahl. Thank you. I was hoping to see my presentation Why am I not seeing my presentation my slides? Yes. Thank you Thank you that applause goes goes to my amazing hacker who did this little video as a start to my presentation. Thank you Why no, I guess we'll have to do it again. No, no, what is happening? No, no, no, no Okay, okay. Welcome to 1989 Before I start I have to say when you start researching a topic like the KGB hack You suddenly find out there's so many sources not just books that have been written movies that have been made documentaries There's articles in newspapers on the internet. There's podcasts you can listen to that go into every little detail of this case every little detail of the early history of the CCC the early history of the internet as it is and Due to time constraints that we have I am going to have to Simplify quite a few things to just you know give you an overview and tell you a story about this topic and I'm counting on you to raise questions in the end that are Q&A To go maybe into more detail if you find out, okay, there's something that should have been a little more detailed There's something that hey I know about something about this because I'm sure a lot of you know maybe more than me about this story So that's something that I'm hoping we can do in 45 minutes 40 minutes First of all, I'd like to ask a question two questions to the audience Does anyone here think that this talk might mention their name? Yes, who are you? Well, I'm not going to mention any real names except for one So maybe you would like to join us in the end or you know, if not they're not I'm Second question is anyone here who attended Congress in the 1980s? Excellent. Well, personally, I did not Because I was busy with the kindergarten and elementary school and stuff My first Congress was in 2012 when a friend of mine introduced me to the Chaos Computer Club I went to Hamburg Spent four amazing days at Congress and in the end I thought oh my god, this is so great And I thought okay, what could I give back to this amazing community? What could I? add to this experience and I'm not a hacker or Very much into tech, but I'm a historian. I can tell you history and I'm very thankful that the content team has now invited me for the fourth time To tell you about history. I'm very thankful that this talk has Gotten a slot on day one Because I think it's the perfect time to take a look back at what was to take a look at what has changed to Remember those who unfortunately cannot be here today and then spend three more days in the present at this Congress So let me set the scene for you It's 1989 especially. It's March 1989 in March 1989 The world was still very much divided Germany was still divided into West Germany and the German Democratic Republic and Looking at Leipzig in March 1989 we had the spring fair in Leipzig not here, but in the old fairgrounds and The German Democratic Republic proudly presented their latest and greatest in technology They had just developed a four megabit hybrid memory four megabits Unfortunately, it was way too expensive to make it on the world market, but they were proud West Germany had its own issues difficult times People had to wear stonewashed jeans and pastel colored sweaters number one hit in the West German charts in March was David Hasselhoff looking for freedom and Bill and Ted were going on an excellent adventure sequel is coming out next year. Don't miss it Um Speaking about television private television in West Germany was still very much in its infancy Most people still had three television channels first second third and they got their information from the television the first program Showed the news every night at eight people watched it much more than today and Sometimes the first German television had a special program called im brennpunkt in focus That always came out when something was so exciting so newsworthy that it couldn't be sufficiently dealt with in a normal news so on March 2nd 1989 the first German television showed this Isn't it moving? Oh come on, please It's moving on my screen Okay, if it had been moving you would have seen a dude in a suit Telling you that the biggest spy case since Günther Guillaume has just been uncovered Günther Guillaume was an East German spy who worked closely in the offices of German Chancellor Willy Brandt in the 1970s He worked for the East German secret service and when he was uncovered the Chancellor had to step down so Apparently in March 1989 we have a spy case of German hackers working for the KGB that is as big as Günther Guillaume Spoiler it was not but Anyway, how is that even possible? How can you how can German hackers work for the KGB in 1989? How do they hack anything over the internet? Well, there's no internet What there is is Basically this Let's say in the mid 1980s you're a teenager and you've got a computer for Christmas lucky you So what can you do with it? There's no internet. There are computers that are connected Big computers made by IBM and by Vax that are standing in universities research institutions military institutions big companies and You have in the 1980s a network that you can actually dial into from your home So you have a phone that's connected to a wall usually if it's not cut off And you have a computer and if you're lucky you have a sort of modem It's called an acoustic coupler. We have one here for the C64 The most famous one was the data phone it's bigger But this one basically works the same you strap your phone to it and you call your local post office And your local post office in the 1980s has a network called data XP Which stands for data exchange packet based? it's based on the x25 protocol and it gives you the opportunity to Connect to computers all over Germany and all over Europe and actually all over the world What you need is a network user identification a so-called newie, which is expensive The call to your local post office not so much especially in West Berlin which was known as sort of a hackers paradise because local calls cost only 23 finish 23 cents not per minute, but per call So if you had a network user identification from somewhere You could just call your local data XP office and connect These newies were expensive But you could find them for example At the computer fair in Hanover because people weren't watching their screens their terminals and maybe you could look over somebody's shoulder and see their login and use it and run up charges of thousands of marks and Then you can connect to message boards, which is a bit well not so exciting much more exciting is the big computers standing at institutions and companies and so Through this Possibility these possibilities this network comes a hacker scene in the 1980s of Mostly young people teenagers young guys not so many girls who Connect to these big computers because they can Because they're there and they're interesting and you just want to see what's on them Especially infamous was CERN the nuclear research Nuclear research organization in Switzerland where at some point Hackers were actually having kind of parties in the system connecting to the computers and chatting with the systems managers Who were a bit annoyed because they had work to do but Not that bothered because it wasn't really seen as anything that could harm them and the point was to Go into these computers because you can to show that you can and to have some fun and not because you're a criminal Or you want to take some data Or make money of it, but just as a sport and Now and in this scene the chaos computer club also established itself as as sort of a mediator between these hackers and The institutions and companies that were being broken into Always stressing that when you're hacking you should do it with an ethical approach Never you know doing any harm Being excellent not making any money and for God's sake staying away from military or secret service computers. Don't touch those Here's a quote on one of the first Congresses which I think sounds pretty much like today this amazing experience and the news crews interested in the reporting on what's happening With these sort of harmless tech freaks and hackers that were just having fun and This is the scene where a group of young men met in the mid 1980s and Started hanging out started sitting in front of computers hacking together Talking consuming drugs also and just you know having fun And these are their nicknames They were all sort of some were programmers some were teenagers who were into hacking One of them the last one here Wasn't really a hacker. He worked at a casino and he made some money on his side selling drugs And they were just hanging out and then just feeling like they were the greatest They were Someone has compared them to sort of graffiti kids. They did it because they could just leaving their mark everywhere in the computers and Well, they were just you know talking and Somebody had the idea. Okay. What can we do to get recognized as the greatest hackers or how can we make something off it? There's always the issue of money problems that you might have stupid ideas that you have when you're a teenager young kid and One of them came up with the idea. Hey, I know somebody in East Berlin who might be interested in what we're doing And maybe we could sell that I know someone a Russian and It might be you know, it might actually be Contribution to world peace because the Russians need technology that they don't have and we have it we could kind of Equalize the scales a bit. It's a stupid idea, of course But this guy Pedro his name was Peter He actually went to East Berlin walked into the Soviet trade mission and said he wanted to talk someone about a deal super stupid walking in the front door and Someone actually listened to him a guy who introduced himself as Sergei Who officially worked at the trade mission, which in my opinion means KGB? Was willing to listen and Our hackers offered okay, we can get you like logins to computers in West Germany and even America We can even teach you how to hack, you know for like a million marks. How about that and Sergei was like, okay, that's nice, but I need something else Because he had a shopping list Which came pretty much directly from The embargo list made by the Coordinating Committee on multilateral export controls there was an embargo technology and Yeah, electronic parts computers weren't allowed to be sold Into the Soviet Union or the Eastern Bloc in general And that was basically his shopping list what the Soviets wanted was not so much, you know log ins to military computers They wanted source code for example According to the sources he actually had a list that said okay, Unix source code 25,000 marks maybe a compiler for this and that 5,000 marks and our hackers were able to provide they didn't exactly make a million, but about 90,000 marks exchanged hands in the following months until A systems administrator in California noticed something and Now I have to tell you the legend of Clifford Stoll Clifford Stoll has become famous for uncovering the KGB hackers and a sort of legend has been built around him Telling his story again and again. He there was a funny documentary made. He had a book coming out and There are some weird aspects in this story, but maybe we can talk about them later So first of all, I'm just gonna give you the story as he tells it and I would like to show you because you couldn't describe this man, but You just have to see him and if this video isn't working again, then I'm gonna be really really sad Oh Yeah, because that would be really awesome if we could actually watch it Huh, oh man Can we just go to the slide that we need maybe this is Okay, oh Should we try it well it shows a picture at least that's good. Um, yeah, let's just try this Do something. Yeah, I'm trying Here right. Oh no, come on Come on We're gonna get there A Loan scientist on the trail of a computer spy The hacker is out there somewhere rating computers stealing government files. I had managed some computer hackers looking for The true story of Cliff Stoll's real-life adventure featuring the actual participants recreating the events is the KGB the computer and me I like his hair Okay, so Clifford stole story is that he was a systems administrator at Lawrence Berkeley laboratory and he noticed in his accounting system 75 cents missing because some user had accrued 75 cents of computer chime and not paid for it and He found out that there was a weird user. He didn't know and he just Deleted him a couple days later. Somebody else was in his computer and had system privileges And he says he just got interested He didn't want to shut this person out. He just wanted to know who it was and what they were doing So he started tracking whoever was coming into his computers for months Actually a whole year in the end that he was tracking this person He got help from a friendly district attorney who got him a warrant to trace the phone lines and Long story short Can you actually see something that's nice? He found out that His intruder came in through time net the equivalent the American equivalent of data XP and He wasn't even in the US. He was in Germany. He came in through data XP At the University of Bremen and the trace ended in Hannover and in Hannover The problem was that they had really old switches from the 1950s and it would have taken about an hour to track The hacker back to his own phone at home And the problem was the hacker never stayed long enough on Stoll's computers he used them as a gateway to get into much more interesting computers for example The Pentagon a database at the Pentagon the Air Force the Navy the Army even Army computers in Japan Computers in the Rammstein, Germany so Stoll Was at a loss how to keep him in a system long enough so he could actually or The German post could actually track this person back to his own phone line so He says that his girlfriend came up with the idea if there's nothing on your computer that interests him Then then put something there put some files there that look super secret and are super big So that he needs time to look at them And that actually worked they made up a bunch of of Big data and they even put in a mailing list that said okay if you want more information about Strategic defense initiative also known as Star Wars Send us a letter because it's so much data. We have to send it through the post and Surprisingly enough that worked First of all the German post was able to track Clifford Stoll's hacker back to the house of one of our KGB hackers or me His apartment was searched his office was searched But the police didn't really know what they were looking for because they didn't find any disc that said super secret SDI net files or something and Nothing much came of it and the second thing that happened was that somebody actually answered this mailing list a Hungarian immigrant in Pittsburgh sent a letter to Clifford Stoll asking for information on SDI net files Was he working for the KGB or was he working for somebody else? It's a weird story In any case so in the summer of 1987 Clifford Stoll finally knew okay There's some dude in Germany who's been hacking my computer But nothing much happened of it and it kind of calmed down a bit until The media got interested Who got the media interested is another interesting question But in any case in April of 1988 German magazine quick reported on the case using Clifford Stoll's notes In May 1988 He published a paper Suggesting that this hacker in his system had something to do with the KGB and Our hackers got a bit nervous At this point we have to talk about about Hackbart his name his real name was Kalkoch and in 1988 he was in a difficult place. He had Psychological issues. He had drug issues. He had money problems and He started talking to journalists offering to tell wild stories about the KGB and what he could do Offering to hack into nuclear reactors, which obviously was not possible but he just wanted to get a lot of money for it and the others Got a bit nervous and in July The youngest in the group Went to the authorities and offered to be a witness if he got immunity for anything that he might have done And this led to the video I wanted to show you in the beginning When in March 1989 arrests were made all five of them were arrested two had to stay in jail because they had prior convictions Houses were searched and the media descended on the chaos computer club because these five guys were somehow related and Suddenly the chaos computer club was not this harmless group anymore, but the media portrayed them as You know working for the KGB hacking basically everything and Dramatizing the whole situation What actually came out of it was not so much The process in early 1990 Focused on questions Like if any classified information was actually transferred or stored anywhere downloaded Nobody could prove that If the USA or Germany were actually compromised in any way not really and how The main question was how did this Hungarian immigrant Get this mailing list because only Clifford stole and the hacker could have had access to it and the question is did he actually get it from the KGB or was it as One of one of our hackers Suggested a couple years ago in a podcast. Maybe it might have been he might have been an agent provocateur He might have been set up by somebody to push these Investigations after the German authorities didn't really do much with it That's the question So this biggest spy case since Guillaume ended with Probation sentences and some fines because there was no proof that any real harm had been done The most tragic outcome maybe Was the death of Kalkoch Who was our hacker hack barred? He was a very troubled young man. He was orphaned early He inherited a lot of money when he was young which is always difficult He bought a computer. He had a nice apartment. He had parties with his friends. He consumed drugs and He was from a young age Obsessed with the novel Illuminato's and the number 23 a Movie was made about him in 1998. It's nice. You can find it on YouTube I didn't include it in my links because I'm not sure about the copyright situation but it's interesting nice soundtrack and This whole situation in 1989 the the media Pressing down on him and him having these illusions He thought the Illuminati were in his head controlling his thoughts He thought they were controlling the international networks and he had to do something about it ended on May 23rd 1989 when he was 23 years old He officially committed suicide by burning himself and That is such a gruesome way to die that immediately there were Conspiracy theories that maybe he didn't commit suicide. Maybe he had help doing it And that's something I cannot answer obviously The much more lasting result of this whole case was the image loss that the Chaos Computer Club suffered because Suddenly they weren't harmless pranksters joyriding through computers and You know Showing companies flaws in their systems showing the post Flaws in their BTX system for example suddenly they were Portrait as dangerous hackers selling secrets Being spies and you know, they can't be trusted and As far as I read the club almost dissolved about this issue in 1990 but luckily survived But this Is an image that is still lingering today And I think this image of hackers being somehow untrustworthy and Being somehow dangerous. You don't know really what they do and why they do it, but they're dangerous That is still lingering today Um Whenever the media tells you something about hackers, they always show you something like hi some like this an An anonymous anonymous dude with a hoodie sitting in front of your computer some random numbers flashing they don't make any sense, but it looks dangerous and and oh Yeah, and these hackers they're everywhere. They won't stop at anything Just Two days ago on Christmas German supermarket chain Reva had to call back their chopped almonds because they've been hacked beware and So I was interested in Taking a look at how the media Portrays hackers these days. So I did some Google searches. I thought okay. What are what are famous? hacking groups that you read about a lot For example, you know, we were talking about the KGB. So what about Russian hackers? So the first result I saw was Russian hacking. How did it affect the 2016 elections? So apparently Russian hackers are still very much busy with the United States and the elections leaking documents supporting Trump for some reason That's what you find on the media about Russian hackers And then I thought okay. What else is there today? What about China Chinese hackers sounds dangerous? What are they doing? So Chinese hackers apparently are busy hacking two-factor authentication these days They're in your phone beware Hacking you right now as I speak But what about German hackers? We've been talking about these German hackers who basically crashed the image of hacking forever. So what are they up to today? When you Google German hackers the first result is Clifford stole After 30 years really still that's the news I Don't know. Maybe it's time to make German hacking great again Um Very good. So and finally what about the chaos computer club? What has changed in the past 30 years? Here's another quote that I found of a Congress and the issues that were discussed at Congress someone standing up and Telling the audience that he was unhappy with where he saw chaos going The political direction is unacceptable Concentrating on things like environmental protection climate change or something is diverting the group from its technical origins And it's little wonder that truly talented hackers are beginning to abandon the club This is from 1988 So are we still having the same issues today? Are we still discussing the same thing? Where is the CCC going? Is it too political? Should it focus more on real hacking on the technology? or what but Fortunately a lot has changed For example when you think about those guys who were at the Congress in the 1980s, how many people were there like 400? At a Congress in a 85 How many people are here today 16,000? I mean not in this room, but I think last year was 16,000 That's amazing and something else I mentioned when I was this big I didn't attend Congress, but today you walk around and there's tiny hackers whizzing on scooters everywhere which is awesome people are bringing the kids and and You have a Much wider cross-section of society today and something else I don't know if you noticed but when I told you the story about the KGB hack. What was missing? There was something that did not show up women The only women the only woman in this story is Clifford Stoll's girlfriend Who allegedly came up with the idea of planting a honeypot in his system? There is no other woman in this story. It's all young dudes hacking away and That certainly has changed there are I don't know the percentage I can't tell but there's so many women and other non-male Participants that like I said, it's a much wider cross-section of society today, but Apart from these issues, what else what do you think are the issues we have today and we're gonna have in the future? that's my question to you and I would like some answers and if you want to confess about hacking something My deck is 6623 you can telegram me or Tell us now Thank you very much for this excellent talk. We do have six microphones Here in the hall. Please line up there. Are there questions from the internet via our signal intro? I know they're known. There are no questions from the internet Do we have questions here we have question at microphone three? Yes. Oh my god Thanks a lot for a talk. It was amazing. Can you please show us the first video? Oh? Yeah, I hope so Yes, we have plenty of time. Yeah, yeah, let's just try to because in the meantime if you have questions Please line up at the microphones. I Don't wanna okay Getting close getting close getting close Okay, you mean this one. Yeah, that one doesn't work. Oh, not this one. Oh, yeah, the next one. Let's try Good evening, my ladies and gentlemen, too. So, Peter stunde. We haven't said even schon gehört laut program So it's the jetzt ein wirtschaftskrimi mit dem titel tanker sehen den bringen wir heute abend nicht dafür aber einen spionage krimi und zwar in echt An authentical report über den schwersten spionage fall seit der enttarnung des kanzleramtsagenten günder gium You can find the whole brand point on youtube. It's very interesting It's like 30 minutes There's a lot of the same images as in the other documentation I showed dudes in Black sunglasses the CIA and stuff also this documentation about Clifford stall is Hilarious not just the scene where he runs out the shower in his towel to his computer because the hacker is on It's hilarious So do we have any more questions from the internet from the hall? No, no, it does not well then. There is something at microphone 5 Can you hear me? Yeah? Do we know anything about the rest of the group? Yes, for example. Yes Well about Let me go back or go front Well, I did I looked into them Dob, I could not find anything about him he Was actually one of the two who had to stay in prison almost a year because he was fleeing the army service and they were looking for him I Couldn't find anything about what he's doing today. Pengal is very active. He has a Twitter He's into vintage computing and he's he's the one who's always been interviewed You know every 10 years 10 years after the KGB hack 20 years after the KGB hack. He's been on TV He's been on Podcasts you can find a lot about him But he was about 10 years ago. He was on Tim Pritlov's podcast Very interesting it's two hours long, but it's super interesting very detailed in into the beginnings of the internet and There he said, okay, he's being asked about this again and again, and sometimes you just don't want to talk about it anymore I can totally understand that Well, you know what happened about what happened with hack barred Woman, I couldn't find out anything either Also, Pedro. No Not so much. So we have another question on microphone three Hi Well, first of all, thank you very much. I did read the cuckoo's egg. Excellent. And thank you for Posing the German Perspective towards it. It really elaborates the story quite a lot You finish your presentation with the question. What is missing currently at the case computer club? I love it. I probably as much as you do I come from the Netherlands And I have the feeling that in Holland hackers collaborate much more with governments and companies Okay, it's good to be critical against government But to criticize everything and to shut out government for everything doesn't solve the problem So what I'm hoping for is a more constructive Collaboration with the German government and I hope I'm not make myself very impopular here Perhaps do but I'm Dutch Thank you Another question microphone one Hi just to get the facts straight so I mean, I guess we all know here the story of the development of the term hacking since the MIT hacks, etc Would you say that? explicitly the story with the German hacking is the thing that stained the name of hacking in our mainstream consciousness not Not alone. I mean, there's obviously when you look at the US. There's cases of hacking. I mean talking about Kevin Mitnick for example Robert Tappan Morris who shut down all the computers in the US for days that's something that obviously Formed the image of hacking in the US and I I'm not sure about other countries to be to be honest But I'm thinking that it was Around the same time so end of the 80s hacking kind of lost its innocence through various Infamous hacks like the KGB hack Thank you very much. Thank you. Next question microphone three Thank you interesting talk and is there a list or has please talk a bit closer into microphone Thank you has anyone a list of which kind of information has been leaked or got which kind of Facilities have been compromised and second questions. Have the Russians ever confirmed this hack? First question. Yes Well, there's the official documents that came out in in the process Um, there's actually if you if you read German, there's an interesting book that came out in 1990 about this case and it has very detailed information about what kind of institutions have been hacked and What kind of information has been given to the Soviets, but most of it I guess is is Comes from Confessions because there was no proof The Russians did never confirm that. Yeah, okay. We got this and we got that. No, of course not and so most of it is What the hackers actually confessed? Do we have any more questions? It does not look like that. So for anyone who left already you're going to miss out on the outro video Yeah, take it away if I can Actually do that because There's no more questions Are we seeing this excellent? Just one thing for me Left to do Why am I? Thank you. Thank you. Big one round of applause