Top 5 Famous Computer Hackers: From Conficker to the First Computer Virus
People who brought computers to their knees -- or changed the world.
April 2, 2009 -- April 1 is the day the Conficker computer worm was supposed to do something terrible to millions of computers running Microsoft Windows -- though engineers were at a loss to say just what that something was.
So what happened? If your computer lets you read this story, we can presume it's not a smoldering wreck.
But somewhere in cyberspace, some hacker, or hackers, created Conficker, and they're still out there. So are others.
What's a Hacker Anyway?
Merriam-Webster has multiple definitions of "hacker." One is very positive: "an expert at programming and solving problems with a computer." Another is darker: "a person who illegally gains access to and sometimes tampers with information in a computer system."
But you may be surprised to know what's happened to the most famed hackers of the past. We went looking for a way to measure the top cases -- perhaps in terms of dollar cost or computers infected -- and the consensus we found was that it's hard to do.
"Tagging a damage amount or number of machines compromised to a single virus (let alone a single person) is very difficult," said Nicholas Newman, who tracks computer crimes at the National White Collar Crime Center.
"Data can be transmitted across the globe in a matter of seconds, and computers are infected with malware just as quickly," he wrote in an e-mail to ABC News. "As a result, accurately counting the number of machines infected by a particular worm is impossible and can only be estimated."
Alfred Huger of Symantec, the online-security firm, largely agreed. "We don't track individuals," he said, "we follow software threats."
He named some particularly virulent cases of recent years: the Code Red worm of 2001 and the SQL slammer worm of 2003 (no perpetrators were caught), as well as the Blaster worm from 2003 (an 18-year-old from Minnesota, Jeffrey Parson, served 18 months for writing one variation of it).
He said Conficker is tops on his list in recent years: "It was dramatic in how quickly it moved. However, it didn't have any impact. Yet."
Top of the List: America's Best-Known Hackers
So here are some of the most famous -- or infamous -- hackers, compiled with the help of Symantec, the Justice Department, the National White Collar Crime Center, and several technology consultants. You may despise some of them; others, you may actually like. Please feel free to suggest others, or argue with our choices, in our comments section.
Fred Cohen
In 1983, Fred Cohen, then a Ph.D. student at the University of Southern California, wrote a short program, as an experiment, that could "infect" computers, make copies of itself, and spread from one machine to another. It was benign. It was hidden inside a larger, legitimate program, which was loaded into a computer on a floppy disk -- something few computers sold today can accommodate anymore.
Other computer scientists had warned that computer viruses were possible, but Cohen's was the first to be documented. A professor of his suggested the name "virus." Cohen now runs a computer security firm.
"You could write defenses 'til the cows come home," he told ABC News back in 1988, "and it's guaranteed that eventually that some virus will be able to get past those defenses."
Kevin Mitnick
It takes some diligence to get the Justice Department to call you "the most wanted computer criminal in United States history." Kevin Mitnick was diligent.
He was first arrested when he was 17, and spent time in and out of jail. He broke into computer systems at Novell, Motorola, Sun, Fujitsu and other firms, stealing their software and crashing their machines. He was caught, for the last time, in 1995.
He did time -- four years of it -- before he was convicted and sentenced to 46 months in prison with credit for time already served.
When he was released, and finished a period when he was under orders to stay away from computers, he wrote two books -- with hacker-ish titles like "The Art of Intrusion." (If you ever saw a movie called "Takedown," it's about Mitnick.) He now runs a computer security firm.
Computer Worm Virus: Infamous Creators
Robert T. Morris
In 1988, Robert T. Morris, a graduate student at Cornell, unleashed the first widely known computer "worm" -- a virus that spread over the Internet.
Morris said the whole thing was a benign experiment that got out of control, but prosecutors said he had caused hundreds -- if not tens of thousands -- of dollars in lost productivity for each computer affected. He was sentenced to three years' probation, community service, and a fine of $10,000 plus legal costs.
But like many of his ne'er-do-well brethren, he was a bright guy. In 1995 he co-founded a startup company that made software for online stores. In 1998 the firm was bought out, for about $45 million, by another online startup called Yahoo.
Morris is now a professor in the Computer Science and Artificial Intelligence Laboratory at M.I.T.
Kevin Poulsen
Kevin Poulsen had good taste in cars. In 1990 a Los Angeles radio station (102.7 on the FM dial) promised a free Porsche to the 102nd caller of the day. He'd already hacked into their phone lines, and mysteriously became caller number 102.
The government was already after him. Having first been caught in his teens -- and rewarded, after punishment, with a computer-security job at a high-tech lab -- he broke into computers run by the FBI and the Defense Department.
After 17 months on the run, he was arrested in 1991 and held without bail. The sentence he finally served -- 51 months -- was the longest for computer crimes at the time.
He does not run a computer security firm. Instead, he writes about it. His blog at Wired News is called "Threat Level."
Shawn Fanning
Shawn Fanning, by most people's definition, is hardly a hacker, but he did more to change the way computers are used than most hackers, for good or evil, can ever hope.
Does his name ring a bell? Perhaps you'll remember his nickname: Napster. Friends at college called him that because of his short, kinky hair; he went on to use it as the name of a Web site for sharing his favorite music with friends.
Napster soon had a lot of friends -- a lot -- and music has never been the same since. People found that music, saved digitally in the MP3 format, sounded just about as good as the music recorded on Compact Discs -- and even better if the CD cost $15 while the MP3 download was free.
Conficker to Napster: Notorious Hackers
Record companies sued Napster. They sued college students who downloaded music from Napster. They won the battle, but lost the war.
Out of the ashes rose a phoenix. A compromise was struck. Instead of going to a store to buy a Britney Spears CD, why not go to Apple's iTunes to download "Oops!...I Did it Again" for 99 cents? You get the music -- a digital file instead of a physical disc -- and you can skip all the other tracks you really don't care for.
Fanning is out of the music business now. In 2006 he started Rupture, a social networking tool.
The Conficker Creator
The author of today's newsmaking worm is -- well, authorities say they don't know if it's a he, a she, or a they. Somewhere out there, Conficker's author or authors have been sending their program around the world, and driving security professionals crazy by updating it whenever someone gets close to deciphering it.
"We've got some bad guys who are extremely sophisticated," said Merrick Furst, a Georgia Tech professor who also heads a computer-security firm.
Looking Back
Cohen, the creator of that first virus, now 25 years ago, looks on those who followed and wonders what's kept them.
"Something that surprises me," he said, "is how long it's taken for the hackers to get any sophistication."