The Federal Bureau of Investigation’s seizure of computer equipment from young people in 13 cities earlier this month has focused national attention on what experts say is an increasingly vexing problem--protecting the security of information stored in large computer databases.
Experts say the practice of gaining access to data stored in large computers--which involves the use of a microcomputer, telephone lines, and attachments called “modems” that translate computer pulses into current that can travel through telephone lines to other computers--has resulted in as much as $1 billion in damage annually and serious breaches of privacy.
That many of the so-called “hackers” whose activities have been discovered are young, experts add, indicates a need for elementary and secondary schools to teach ethics of computer use in computer courses. No major education organization has yet devised a formal code of ethics, they say, and teachers often do not know of their students’ improper computer activities.
Gregory Cops--the principal of Irvine Woodbridge High School in Irvine, Calif., the school attended by four of the hackers investigated by the fbi--said the fbi disclosures would probably cause schools to be more careful in protecting their own computerized records. He said access to his school’s records can be obtained by guessing a simple code, which is usually a name.
The fbi seized the computer equipment of 15 young people earlier this month after the gte Telenet Communications Corporation reported that its computer data had been tampered with. gte discovered the apparent tampering during a routine check of its computer system, a company spokesman said.
The fbi has made no arrests and has not released the names of those involved in the case; the case became public when the families of hackers took their story to the media. Officials for the agency said they have not determined the extent of the damage to the gte system.
The fbi is studying whether it should charge any of the people involved in the recent case with “wire fraud,” the use of telephones to obtain services without payment. There is no federal law prohibiting unauthorized access to computers.
Claudia Houston, a spokesman for the gte division which provides a $500-per-month “electronic mail” system for businesses and government agencies, said the damage caused by the hackers was “substantial.”
Ms. Houston, said the mail system had never been damaged before.
The company “absolutely” intends to seek prosecution of the people involved in the case in federal and state courts, Ms. Houston said.
An fbi investigation in August uncovered a similar instance of young computer users in Milwaukee gaining access to large databases, including that of an unclassified system in a nuclear-weapons laboratory. (See Education Week, Aug. 24, 1983.)
Meanwhile, a Congressional subcommittee was conducting hearings on the problem of computer security. Two bills dealing with the issue are pending in both houses of the Congress; one bill is expected to come to a vote on the floor of the House of Representatives this fall.
Experts say dealing with young hackers poses a particularly difficult problem because of a general perception that their crimes are “romantic” and not as damaging as other crimes. In addition, the experts say, most parents and teachers have little knowledge of the folkways of computers users.
Soon after the fbi obtained warrants to search the homes of the hackers, parents and school officials expressed shock that the students apparently had become involved in tampering with computers.
Hackers “are so far ahead of their teachers in high school and college,” said one authority, that schools should consider hiring private computer consultants to stay informed about students’ computer activities and should teach the students about the ethical issues in computer use.
Sam J. Yarger, the associate dean of the school of education at Syracuse University, said his son and his son’s friends are capable of obtaining access to records of libraries, schools, and businesses. Mr. Yarger said his son once confided that he had altered a local library’s record of his borrowing a book. “I talked to him about the moral dilemma” of such actions, Mr. Yarger said, “but the kids see it as fun and games.”
“Kids do ‘kids’ things’ 24 hours a day, and parents are not overly aware of what’s going on,” said David Moursund, executive director of the 14,000-member International Council for Computing in Education at the University of Oregon. “That’s even more true with computers, which many [parents and teachers] don’t know anything about.”
Added Judith Norberg, the director of educational services for the Piedmont School District in California: “Teachers are not very aware because teachers are not terrifically involved with computers as a hobby. It’s the young people who have the time to spend on things like that.”
August Bequai, a Washington lawyer who specializes in computer crime, said schools are “the key” to teaching computer users about the legal implications of their computer activities. Teachers must stress that gaining illegal access to computer systems is illegal and will be punished, he said.
“If they’re juveniles, so what? We have juvenile courts,” Mr. Bequai said. “Prosecute them, let them go through the courts.”
Added Roy N. Freed, a Boston lawyer who also specializes in the subject: “They’re juveniles, but juveniles should be responsible for their actions. They’re not innocent little people. This is something that’s anti-social.”
Mr. Bequai and others said the activities of computer hackers have proven difficult to address for the same reasons that white-collar crime has been difficult to address.
Most white-collar criminals, Mr. Bequai said, often do not admit that they commit unethical acts even when confronted with evidence of wrongdoing. In the same way, he said, computer enthusiasts do not appreciate the ethical issues raised by hacking. Unless the problem of hackers is addressed, he said, “we are creating a pool of potential white-collar criminals.”
There is no way to measure accurately the extent of computer raiding, Mr. Freed said, largely because “banks [and others] try not to talk about it in public because it would reflect badly on them.” Mr. Bequai said anecdotal evidence suggests that businesses and other organizations lose between $100 million and $1 billion per year because of hackers.
An official of the National Educa-tion Association said the organization “puts emphasis on the ethics” when it trains teachers how to use computers. Shari L. Miller, a staff member in the professional-development office, added that the role of teachers is limited because “we don’t have any contact with what kids are doing at home.”
One of the two bills on the subject now before the Congress, sponsored by Senator Paul Trible, Republican of Virginia, would make gaining un-authorized access to most computers a federal crime. The other bill, sponsored by Representative Ron Wyden, Democrat of Oregon, would create a commission to study computer crimes against small businesses.
The latter bill was reported out of the House anti-trust subcommittee this month. An aide to Mr. Wyden said the Congressman expects the bill to come to a vote on the floor of the House before Thanksgiving.
The House Subcommittee on Transportation, Aviation, and Materials has held two hearings on the subject and is scheduled to hold another hearing this week.
Donn B. Parker, a consultant for the Stanford Research Institute International, recommended during the first hearing that a national commission on information crime be created to study the character and extent of the problem and to make recommendations for dealing with it.