Hackers Becoming Consultants

W A S H I N G T O N,   Jan. 6, 2001 -- Who ya gonna call? Hackers?

Some of the Internet’s most adept online snoops are hoping big business soon will be chanting that Ghosbusters-like refrain: These hackers are forming a new company to advise the world’s largest banks and hospitals how to keep their data safe from cyber-intruders.

Members of the Boston-based L0pht Heavy Industries, who once boasted to the Senate that any one of them could cripple the Internet in the United States within 30 minutes, today were announcing the creation of their consulting company, @Stake. They say they have more than $10 million in funding from venture capitalists.

That Mudge Is Certain

The new vice president of research and development — widely considered among the world’s leading hackers — will continue to use only his online handle, “Mudge,” to identify himself.

“The U.S. Senate referred to me as Mudge. Mom and Dad refer to me as Mudge,” he told The Associated Press. “I figure, why break the streak?”

L0pht (pronounced “loft”), whose eight members sold software to crack the passwords of Microsoft Windows NT computers and to detect other hackers secretly monitoring a network, will disband as an organization. All its members — with such colorful monikers as “Space Rogue,” “Dildog,” “Weld Pond” and “Brian Oblivion” — will join the new company, based in Cambridge, Mass.

Testified Before Senate

Wearing business suits, the group described as a “hacker think tank” testified about lax computer security before the Senate Governmental Affairs Committee in May 1998. They said any of them could easily bring down the Internet in North America, although other experts dismissed the claims as exaggerated.

Committee Chairman Fred Thompson, R-Tenn., allowed L0pht’s members to use only their online handles “due to the sensitivity of their work,” although they are widely interviewed by national media. ABC’s Sam Donaldson talked with “Space Rogue” in October.

“They’re very, very good — first rate,” said Bruce Schneier, an expert on data-scrambling and chief technology officer for Counterpane Internet Security Inc.

Seen as BrilliantRuss Cooper, who publishes the NTBugtraq newsletter exposing security risks in Microsoft’s products, called the group “eight brilliant geniuses.”

The new company includes mainstream industry executives, including new Chairman John Rando, a former senior vice president at Compaq Computer Corp., and another well-known security expert, Daniel Geer.

But most remarkable was the presence of those who embrace their roots as “gray-hat hackers,” insisting they never used their unusual computer skills to break into systems illegally but acknowledging they study the techniques and even provide some tools for those who do.

“We wear (that label) with pride,” said “Mudge,” whose long hair flows past his shoulders. “We will look at any angle that we can. We’re not over there breaking into systems. We’ll let our record speak for itself.”

The new executives suggested they weren’t concerned that the nation’s largest banks, brokerages and health-care companies might be reluctant to hire hackers to secure their own sensitive information. “Mudge” called it “not a hurdle as much as a springboard,” saying prominent companies and government agencies had informally sought L0pht’s advice in the past.