Kevin Mitnick *What was this case about?

At age 12, Mitnick used social engineering to bypass the punch card system used in the Los Angeles bus system. After a friendly bus driver told him where he could buy his own ticket punch, he could ride any bus in the greater LA area using unused transfer slips he found in the trash. Social engineering became his primary method of obtaining information, including user-names and passwords and modem phone numbers.[5] Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC's computer network and copied their software, a crime he was charged with and convicted of in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voice mail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two and a half years. According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mail. Mitnick was apprehended on February 15, 1995, in Raleigh, North Carolina.[6] He was found with cloned cellular phones, more than 100 clone cellular phone codes, and multiple pieces of false identification. *Who were the protagonists and parties involved -Kevin Mitnick -US Government, DoJ *What ethical issues are raised by this case? - Should someone under supervised/probationary release do something in which he was convicted as long as it was not seen by authorities due to him being technically a prisoner? - Is it justifiable if only social engineering and not actual hacking using a program or a computer was done to break the privacy of someones critical information even if it leads to the same result if hacking was used? - Involvement of media on prosecution (mainstream media played big part) - Estimation of losses must be correct in this cases (values were contested)

Raphael Gray *What was this case about? He hacked computer systems around the world over a period of six weeks between January and February 1999 as part of a multi-million pound credit card mission. He then proceeded to publish credit card details of over 6,500 cards as an example of weak security in the growing number of consumer websites. He claimed that he did not use or take away any money from any of the cards that he hacked. *Who were the protagonists and parties involved - Raphael Gray - Chris Davis - Law enforcers *What ethical issues are raised by this case? - Does hacking for adrenalines sake justify hacking? - Does hacking for the sake of sending a message justify hacking? - Is it ethical to provide a service without security? (Companies)

Masters of Deception *What was this case about? A New York-based group of hackers, most widely known in media for their exploits of telephone company infrastructure and later prosecution, as well as being the subject of the book Masters of Deception: The Gang That Ruled Cyberspace.MOD's initial membership grew from meetings on Loop-Around Test Lines that led to legendary

collaborations to hack RBOC phone switches and the various minicomputers and mainframes used to administer the telephone network. They successfully remained underground using alternative handles to hide even their true hacker identities. To further prove their hacking prowess, Masters of Deception members allegedly carried out what has been dubbed one of the most extensive thefts of computer information ever reported. According to reports, they broke into tough-to-crack servers and stole confidential information, which they later sold. The Great Hacker War was a 1990-1992 conflict between the Masters of Deception (MOD) and a faction of the older guard hacker group Legion of Doom (LOD), where each side attempted to hack the other's computers. It took place across the Internet, x.25, and telephone networks across the world. In the end, the Masters of Deception were victorious over the Legion of Doom. The war changed the face of computer security forever, and select members of the LOD, as a result of the embarrassment, resorted to calling up the FBI and US Secret Service and informing on the MOD members. *Who were the protagonists and parties involved - Mark Abene ("Phiber Optik") - Paul Stira ("Scorpion") - Eli Ladopoulos ("Acid Phreak") - HAC - John Lee("Corrupt" a.k.a. "Netw1z") - Julio Fernandez ("Outlaw") - Supernigger (also of DPAK) - Wing - Nynex Phreak - Billy_The_Kid - Crazy Eddie - The Plague - ZOD - Seeker - Red Knight - Lord Micro - n00gie - peaboy (aka, MCI Sprinter). *What ethical issues are raised by this case? - Hacking can be used as a means of waging war or settling conflicts, without thinking of the consequences of others that will be directly or indirectly involved. - Selling of personal information is a breach of a persons right to privacy

Mafiaboy *What was this case about? On February 7, 2000, Calce targeted Yahoo! with a project he named Rivolta, meaning riot [3] in Italian. Rivolta was a denial of service type of cyber attack in which servers become overloaded with different [4] type of communications to the point where they shut down completely. At the time, Yahoo! was a multibillion dollar [5] industry and the web's top search engine. Mafiaboy's Rivolta managed to shut down Yahoo! for almost an hour. Calce's goal was, according to him, to establish dominance for himself and TNT, his cybergroup, in the [3] cyberworld. Buy.com was shut down in response. Calce responded to this in turn by bringing down Ebay, CNN, Amazon and Dell.com via DDoS over the next week. In a 2011 interview, Calce tried to redeem his image by saying that the attacks had been launched unwittingly, after inputting known addresses in a security tool he had downloaded from a repository on the now defunct file-sharing platform Hotline, developed by Hotline Communications. Calce would then have left for school, forgetting the application which continued the attacks during most of the day. Upon coming home Calce found his [7] computer crashed, and restarted it unaware of what had gone on during the day. Calce claimed when he overheard the news and recognized the companies mentioned being those he had inputted earlier in the day, that he "started to understand what might have happened".
[6]

*Who were the protagonists and parties involved - Mafiaboy - Canadian government - Yahoo!(website) - CNN(website) - eBay(website) - E-Trade(website) *What ethical issues are raised by this case? - Is it ethical to use hacking as a tool for revenge? - If the culprit is a minor, is it ethical to jail him? - Is it ethical to use wiretapping to get evidence? (Privacy) Legion of doom *What was this case about? The Legion of Doom (LOD) was a hacker group active from the 1980s to the late 1990s and early 2000. Their name appears to be a reference to the antagonists of Challenge of the Superfriends. LOD was founded by the hacker Lex Luthor, after a rift with his previous group the Knights of Shadow. At different points in the group's history, LOD was split into LOD and LOD/LOH(Legion of Doom/Legion of Hackers) for the members that were more skilled at hacking than pure phone phreaking. LOD published the Legion of Doom Technical Journals and regularly contributed to the overall pool of hacking knowledge and information. They consider themselves not causing direct harm to the phone systems and computer networks they took over. On the other hand, many LOD members were raided, charged and in some cases successfully prosecuted for causing damage to systems and reprogramming phone company computers(Grant, Darden and Riggs, etc). While the "Bellsouth" Case could be construed as exploration of the phone system, with claims that no real damage was done, there are other former LOD members such as Corey A. Lindsly (a.k.a Mark Tabas) who were clearly interested in for-profit computer crime, with no goal except personal gain. As of 2006 what has happened to each individual member of the legion of Doom is unknown. *Who were the protagonists and parties involved - Erik Bloodaxe", - Mark Tabas", - Karl Marx", - Agrajag the Prolonged", - Automatic Jack", - Bill From RNOC", - Lord Digital", - The Mentor", - Doctor Who", - Dead Lord", - Phiber Optik", - "Terminus". *What ethical issues are raised by this case? - Does the lack of malicious intent justify these acts? - Publishing of journals that can serve as reference for other aspiring hackers - Does the absence of malicious intent enough to have exemption from prosecution? - Estimation of damage - Possible violation of privacy rights mainly due to unclear definitions, unlawful search and rescue

Robert morris internet worm *What was this case about? - Worm, the first of its kind self replicating and self propagating - Spread unintentionally throughout internet, anyone connected is at risk - Exploitation of different loopholes and functions like finger(program to find user info) and sendmail(e-mail) on unix OS

- Could have been solved differently but not (1 out of 7, replicate only on clean PC, electronic seppuku, losing worm on toss coin) - slowed many computers down to being practically useless - worm can reinfest(by means of 1 out of 7) *Who were the protagonists and parties involved immortal - Robert Morris - Andrew Sudduth - Eugene Spafford *What ethical issues are raised by this case? - Security - Only crime committed is crime of curiosity (we could but should we) - Clear demarcation between unethical and ethical - Will you report to the authorities if your friend is involved?