Computer hackers have replaced the clarinet duos that once fooled the Bell System into opening its long-distance network to freeloaders, but the computerization of telecommunications has increased the potential danger of such malicious mischief to national security, industry experts said Friday.
"What is happening is kind of a continuing escalation of these problems," said Donn B. Parker, a senior management consultant at SRI International who has written extensively on computer crime. "The bad guys are becoming more sophisticated with more powerful tools, and the good guys are continuing to add security to their communication and computer systems." But the potential of the "bad guys" is awesome today, emphasized Parker's SRI colleague, Peter Neumann.
"If you can bring the whole telephone service to its feet, it's a national security issue," said Neumann, a computer security consultant. "The potential is there. But we haven't seen massive concentrated attacks. What we've seen is a lot of fooling around."
Telecommunications expert Lee I. Selwyn, who heads a Boston consulting firm called Electronics & Technology Inc., recalled the former simplicity of manipulating phone company equipment in the early days of direct-dialing technology. Hackers in the days before home computers, he recalled, could "play two clarinets" into the phone to imitate the multiple tones used to obtain long-distance lines and bypass the billing equipment.
Clarinet playing as a hacking technique is no longer possible because of computerization, but the computer-controlled switches of today also contain a mass of instructions governing phone service to particular customers. As a result, Selwyn said: "It's a lot harder to get in with the new equipment, but if you do you've got a lot more power."
The issue of telephone security was raised Friday when the New York Times published an article based upon a year-old internal memo from Pacific Bell in which a security manager for the San Francisco-based utility worried in writing over the vulnerability of the company's phone network. The newspaper said the memo was provided by an unidentified "teen-age computer enthusiast" who said he got it from another friend who claimed to have plucked it from the network as the document was being sent between Pacific Bell offices.
Jack L. Hancock, Pacific Bell vice president for information systems, said Friday that he "strongly doubts" that the filched memo was plucked from a phone line during facsimile transmission.
"You would need to know an awful lot or have an enormous computer to be able to sort out the specific message you were after and monitor all the different facsimile machines," he explained. "We think the memo was just stolen."
Hancock said the fast pace of technological change virtually guarantees creation of temporary security loopholes. "We close what loopholes we can find." But providing total security--for example, by electronically scrambling every conversation or bit of data during transmission--would make phone service prohibitively costly for many people, he said.
"Everything we do is a balance between cost, time and utility."
Hancock noted that the stolen memo referred to two specific cases of hacker penetration and that both are being prosecuted. "These are criminals," he said.
(In one case, according to the Times, teen-age hackers penetrated the system and monitored one another's phone calls and added toll calls to their family's bills. One disconnected or otherwise tied up the phone service of people he didn't like. In the second case, the Times said, police searched the Southern California home of a man suspected of hacking into computers of a software firm in Santa Cruz and learned that he was able also to penetrate Pacific Bell's switching machines.)