Marcus Hess | Biography

Between 1986 and 1989--at a time when computer security was an unexplored field--a West German named Marcus Hess and a number of other computer hackers took advantage of loopholes in computer systems to gain unauthorized access to sensitive information. Pioneers in computer espionage, they reportedly sold that information to Soviet officials.

In the late 1980s, Marcus Hess worked as a computer programmer for a small computer company in West Germany. He also belonged to a computer group known as the Chaos Computer Club, based in Hamburg, West Germany. As a member of Chaos, Hess and a number of other West German hackers became involved in a computer-based espionage ring. Hess--who was known as "the Hanover Hacker" (because he lived in Hanover, West Germany)--started with a telephone call from his home phone. By making a local computer modem call in Hanover, he tapped into a European data network called Datex. From there he entered a library computer at the University of Bremen in West Germany. Tampering with the system's software, he fooled the computer into thinking that he was an authorized user with special privileges. Through the Bremen account, he connected to the Tymnet network in the United States. From there, he entered a computer at Lawrence Berkeley Laboratories in California that gave him access to other systems across the country.

Hess operated like a burglar who goes from one house to another attempting to find an unlocked door. In all, he tried to enter about 450 computers--of which he was able to enter approximately thirty. Much of Hess's activity involved the Milnet--a computer network that involves defense contractors and military installations. Administered by the Pentagon, the Milnet contains vast quantities of sensitive information. Hess's many targets included computers at an Air Force space division in El Segundo, California; army bases in Alabama and Georgia; the Buckner Army Base in Okinawa, Japan; the Mitre Corporation, a Virginia defense contractor; the Navy Coastal Systems command in Panama City, Florida, and others.

Once he hacked his way into a computer system, Hess was very deliberate and methodical in his attack. To look for sensitive information about military, nuclear, and space research projects in the United States and elsewhere, he used keywords such as "nuclear" and "SDI" to search documents. (SDI stands for "Strategic Defense Initiative"--a defense program also known as "Star Wars.") Hess located information on intelligence satellites, semiconductor design research, space shuttle missions, navy missiles, and plans for chemical warfare. He also examined systems he entered for passwords to other computers.

Hess's interest in military information is ultimately what led investigators to his doorstep. Clifford Stoll, an astronomer who was working as a computer manager, tracked Hess's movements for eighteen months. Stoll decided to lay a trap to entice the hacker to stay online long enough for the origin of the modem call to be traced. Stoll planted phony national security files that supposedly contained information on the Strategic Defense Initiative in the Lawrence Berkeley computer. The file was called "SDI Network Project."

Hess took the bait. Intrigued by the information he saw, he downloaded the file to his home computer. The process took more than one hour--more than enough time for authorities to trace the call. West German police, working with the FBI, were able to trace the hacker's call to an apartment in Hanover--at #3A Glocksee Strasse. On March 2, 1989, Marcus Hess was arrested at the apartment. The West German police also seized Hess's computer, records of computer passwords, and computer logs that contained the protocols (first draft) of a much publicized, July 27, 1987 invasion of a National Aeronautics and Space Administration (NASA) computer.

Hess and two other West Germans, Peter Carl and Kirk Otto Brezinski, who were also reportedly members of the Chaos Computer Club, were formally charged with selling software, military computer passwords, and other sensitive data to the KGB--the Soviet intelligence agency. In all, eight young men were suspected of selling secrets to the Soviets.

United States officials turned the matter over to German authorities. As far as U.S. government officials could determine, the hackers had not provided the Soviets with information that seriously compromised the nation's security. German authorities eventually released Hess because they did not have enough evidence to hold him. Jim Christy, the assistant chief of computer crime at the U.S. Air Force Office of Special Investigations in Washington, D.C., later charged that Hess's attorney had used a little known loophole in the legal system. The loophole prevented the government from looking at important files that were contained on Hess's computer--files which might have provided ammunition for his prosecution.