Ghost in the Wires: My Adventures as the World's Most Wanted Hacker

by Kevin D. Mitnick

JPL management went to the media with that version of the story, which led to huge news coverage about the German hackers who had been caught breaking into the JPL computers.

Once we started the transfers, we had to keep them going night and day, moving the code bit by bit. It was a very slow process. The dial-up speed of the connections at the time (if you could even use the word “speed”) was a maximum of T1 speeds, which was about 1.544 megabits per second. Today, even cell phones are much faster than that.

Soon DEC detected our activity. The guys responsible for keeping the systems up and operational could tell that something was going on because of the heavy network traffic in the middle of the night.

To make matters worse, they discovered that their available disk space was disappearing. They didn’t usually have a lot of volume on the system: it would be counting i...

The nighttime activity and the disappearing disk space pointed to a security issue. They quickly changed all the account passwords and delete...

We just kept hacking back in, night after night, despite their best efforts. In fact, because the staff and users of the system didn’t realize that we had their personal workstations under our control and could intercept their keystrokes, it was easy for us to immedi...

DEC’s network engineers could see all along that lots of large files were being transferred, but they couldn’t figure out how to stop it. Our unrelenting assault had them convinced that they were under some kind of corporate espionage attack by internatio...

could always log on to see how far they were getting and what they were going to try next. We did our best to keep them chasing red herrings along the way. Because we had full access to Easynet, we could dial in from th...

We were facing a similar challenge at USC. Administrators there had likewise noticed that disk space on a few MicroVAXes was disappearing. We’d start transferring data at night, and they’d come on and kill the network connection. We’d start it up again, and they’d bring the system down for the night. We’d just wait them out, then start up our transfer again. This game continued for months.

Once all the VMS source code had been moved to several systems at USC, we needed to put it on magnetic tape so we could sift through the code without worrying about being tracked back while dialed into Easynet. Moving the source code onto tape was a three-man operation.

At the end of each session, Lenny would take all the new tapes to hide in a rented storage locker. We repeated this cycle until, eventually, we had thirty to forty tapes containing the full VMS Version 5 source code.

While I was spending so much time at Harrison’s, it occurred to me that a company called GTE Telenet, which had offices in the same building, operated one of the largest “X25” networks, serving some of the biggest customers in the world. Maybe I could gain administrative access to their network and monitor customer traffic.

Dave had previously picked the lock to the firemen’s box and lifted the master key to the building. Late one night, Dave and I used the key to walk into the GTE Telenet offices, just to look around. When I...

Even though Telenet people were in and out of the offices twenty-four hours a day, I sat down at the terminal and started to explore, looking at scripts and third-party applications to figure out what tools they had and how those tools could be used to monitor the network. Within a very short time, I figured out how to eavesdrop on customer network traffic. Then it hit me. The node had been named Snoopy because it allowed the technicians to monitor traffic on customer networks: it allowed them to snoop.

already had the X25 address to connect to the VMS system at the organic chemistry department at Leeds University, where Neill Clift studied, so I connected. I didn’t have any log-in credentials; none of my guesses were correct.

He was already logged in to the system because of the time difference, saw my log-in attempts, and emailed the administrator of Snoopy to say that someone was trying to get into his u...

Lenny and I fell into a battle of wits against each other. He was a computer operator at a company called VPA, and I had joined a company called CK Technologies, in Newbury Park. We kept making bets on whether we could break into each other’s computer systems that we managed for our employers.

Whoever could hack into the VMS system at the other’s company would get the prize. It was like a game of “capture the flag,” designed to test our skill at defending our systems against each other.

Lenny wasn’t astute enough to keep me out. I kept getting into his systems. The bet was always $150, the cost of dinner for two at Spago, the Beverly Hills restaurant of celebrity chef Wolfgang Puck. I had won this ongoin...

During one of our all-night hacking sessions, Lenny started complaining that he never won the bet. I told him he could quit anyt...

Actually, it would have been difficult for me to win it straight up. But dumb luck came to my rescue. As I was working on Lenny’s terminal, hacking into Digital’s network, I spotted a wallet on the floor under his desk. I “accidentally” dropped my pen, then bent over to get it and stuffed the wallet into my sock. I told Lenny I had to take a leak.

Inside the wallet, I found a slip of paper with the code for the digital door lock written on it. I couldn’t believe it: Lenny was such a clever hacker, but he couldn’t remember a simple number? And he’d been foolish enough to write down the code and leave it in his wallet? It

A few minutes later, he went downstairs to get something. When he came back, he couldn’t find me. He searched everywhere, then finally unlocked the door to the computer room. I was sitting inside, typing on the VMS console, logged in with full privileges. I smiled at him. Lenny was furious. “You cheated!” he shouted.

When the people from accounting told Lenny about the IRS call, he knew instantly who’d been behind it. But he was so over-the-top, out-of-control furious that he lost all sense of reason and did a really stupid thing: he went to his boss and told him that the two of us had been hacking into DEC from VPA’s offices. His boss didn’t call the cops; instead, he and Lenny together called security staff at DEC and told them who’d been plaguing them over the past several months. Eventually the FBI was called in, and its agents set up a sting.

Personnel from the FBI and Digital Equipment Corporation set up camp at VPA prior to one of our late-night hacking sessions. They placed monitoring software on VPA’s computers that would record everything we did. Lenny was wearing a wire to capture our conversations. That night my target was Leeds University in England. After earlier identifying Neill Clift as one of Digital’s main sources of information about VMS security bugs, I wanted to get into the VMS system in Leeds’s Organic Chemistry Department, where Clift had an account.

At one point I sensed that something a bit weird was going on with Lenny and asked him, “Is everything all right? You’re acting strange.” He said he was just tired, and I shrugged off his odd behavior. He was probably petrified I’d figure out what was really happening. After several hours of hacking, we...

Several days later, I got a call from Lenny, who said, “Hey, Kevin, I finally got my vacation pay. I ...

Two hours later I rolled into the small ground-floor parking garage of the building where VPA had its offices. Lenny was standing there, not moving. He said, “I need to get the VT100 terminal emulator software to make a copy for a fr...

It was already 5:00 p.m. and I told him I hadn’t eaten all day and was starving, and even offered to buy him dinner. He kept insisting. I wanted to get the hell out of there: something felt wrong. But finally I gave in and, leavi...

“You know that feeling in your stomach when you’re about to get arrested?” Lenny ta...

The whole garage was suddenly filled with the sounds of car engines. Cars shot out at us from what seemed like every direction, stopping in a circle around us. Guys in suits jumped out and started screaming at me, “FBI!” “You’re under arrest!” “Hands on the car!” If Lenny had staged all this just to scare me...

They pulled out their wallets and flipped them open. FBI badges all around me. The real thing. I looked at Lenny. He was dancing in a little circle of joy, as if he were celebrating some kind of victory over me. “Lenny, why would you do this to me?” As an agent handcuffed me, I asked Lenny to call my mom and tell her I’d ...

was driven by two agents to the Terminal Island Federal Prison. I had never seen anything like this outside of a movie or a television show: long rows of open cells, with guys hanging their arms out of the bars. Just the sigh...

But the other prisoners surprised me by being cool and friendly, offering to lend me some stuff that was sold in the commissary and the like...

After being held over the weekend, I was taken before Magistrate Venetta Tassopulos for my initial detention hearing on Monday morning, expecting to be released on bail. I was assigned a court-appointed lawyer, who asked if I’d been a fugitive. It turned out he’d already talked to the prosecutor, who told him I’d fled to Israel back in 1984, which wasn’t true.

Once the hearing began, I sat there in disbelief as the Court got an earful from the prosecutor, Assistant U.S. Attorney Leon Weidman. Weidman told the judge, “This thing is so massive, we’re just running around trying to figure out what he did.” Among other things, he said that I had:

The allegation that I had hacked into the NSA was totally ridiculous. On one of the floppy disks seized by the Santa Cruz police was a file labeled “NSA.TXT.” It was the “whois” output listing all the registered users of Dockmaster, the unclassified National Security Agency computer system that Lenny had social-engineered himself into when he worked at Hughes Aircraft.

Everything in the file was public information, including the lists of telephone extensions at the National Computer Security Center.

Another allegation, the claim that I’d hacked into police computers and deleted my arrest record, was related to my Santa Cruz Operations hacking case, but the missing record was really law enforcement’s own fault. Remember, when Bonnie and I surrendered ourselves to the West Hollywood Sheriff’s Department, because they neglected to fingerprint or photograph us, no record was created of our arrest. In short, it was their own screwup: they didn’t do their job.

The one that mystified me most was that I had repeatedly had the phone service of the actress Kristy McNichol turned off because I had a crush on her. First of all, I couldn’t imagine why anyone would think that turning off someone’s phone would be a good way to demonstrate affection.

Weeks later, my mom, who then worked at Jerry’s Famous Deli in Studio City, saw McNichol having lunch at one of the tables. Mom introduced herself and said, “Kevin Mitnick is my son.” McNichol immediately said, “Yeah, what’s all this about his turning off my phones?” She said that nothing like that had ever happened to her, and she herself wondered, just as I had, how the rumor had gotten started. Later a private investigator would confirm that none of it had taken place.

What good would it do for me to come clean if my accusers were going to play dirty? When there’s no presumption of fair treatment, and the government is willing to base its charges on superstition and unverified rumors, the only smart response is to run!

When it was his turn to present my case, my court-appointed attorney told the magistrate that I had indeed gone to Israel in late 1984, but that I hadn’t been absconding, just visiting. I was stunned. We had discussed this point ten minutes before my hearing, and I’d explained that I hadn’t been outside the country in years and had in fact never been overseas. Mom, Gram, and Bonnie all looked shocked because they knew that what he was saying just wasn’t true. How could an attorney be so incompetent?

In a last-ditch effort to frighten the magistrate, Leon Weidman made one of the most outrageous statements that have probably ever been uttered by a Federal prosecutor in court: he told Magistrate Tassopulos that I could start a nuclear holocaust. “He can whist...

NORAD computers aren’t even connected to the outside world. And they obviously don’t use the public telephone li...

His other claims, every single one of which was false, were tall tales, likely picked up from bogus media reports and who knows what other sources. But I had never heard this NORAD one before, not even in a science-fiction story. I can only think he picked up the notion from the Hollywood hit movie WarGames. (Later it wo...

The whistling-into-the-phone thing was so farfetched that I actually laughed out loud when he said it, certain that Her Honor would tell the man he was being absurd.

Instead, she ordered me held without bail because when “armed with a keyboard” (“armed”!), I posed a danger to the community.

The living areas assigned to a prison’s “general population” have phones that inmates can use to make collect calls. There is only one area with no phone access at all: solitary confinement, known as “the hole.”

In Time magazine’s issue of January 9, 1989, an item under the heading of “Technology” noted: “Even the most dangerous criminal suspects are usually allowed access to a telephone, but not Kevin Mitnick—or at least not without being under a guard’s eye. And then he is permitted to call only his wife, mother and lawyer. The reason is that putting a phone in Mitnick’s hands is like giving a gun to a hit man. The twenty-five-year-old sometime college student is accused by Federal officials of using the phone system to become one of the most formidable computer break-in artists of all time.”