Sign In Sign-Up

Welcome!

Close

Would you like to make this site your homepage? It's fast and easy...

Yes, Please make this my home page!

No Thanks

  Don't show this to me again.

Close

As a Computer Security Specialist, my job is seldom simple. My work consists mainly of investigation of computer crimes. The computer crime is harder to solve than the traditional crime. For one, there is usually no physical evidence to link a hacker to the crime. All of the evidence is embedded in zeros and ones on a PC, terminal, LAN server, or workstation in an unknown location, plus it can be destroyed with the click of the mouse. The key is to work quickly. The moment a hack hits, I have to determine the location of the terminal ASAP. Once the location of the terminal has been determined, I need to break into it, attempt to recover the data and stop the perp. Really, the part I like the most about this job is that it is a battle of wits, mano e mano . Because essentially, I am a hacker. I just work for the other side.

I contemplate this thought as I awake after receiving the email on my emergency account. When a message comes it, the computer starts wailing like a siren until I read the message, so I have no choice but to get up. The message reads :

From ttrenton @ emerg.secure.cia.gov

To srobson @ emerg.secure.cia.gov

Subject Breakin - CODE RED Date February 16th, 2005 01:26 EST

Clearance Code XOPC325FA #3687D

Code Red Infinity? Looks like the shit has really hit the fan. I continue reading.

NCSA Orl . takedown, global fl. in 1 min

***SECURITY ALERT CODE RED NETWORK TIES SEVERING ***
NETWORK FAILURE #%%@#$*#^$@#$^&&@*)(#%&@(*%$&@#)$(@#&*^$@*^&#$^&*!@$

The symbols continued for about 10 pages down, normal signs of a network disconnection. But this message had shocking implications. NCSA stands for National Centre for Supercomputer Applications, the most difficult system to break, except for maybe the CIA. NCSA HQ in Orlando was taken down by a hacker obviously around midnight this morning. The NCSA is also the hub for all the data stored on the Internet, the global network of computers on which we all run our day to day lives. In 2001, the government opened Open Network service across the U.S. With a $350 appliance, you could plug into the Network through the government server free of charge. Due to the development of the HSNB (High Speed Network Bus) the Internet was no longer limited by the bandwidth of the network. Data could be transferred at a rate of 5.6 million kilobytes per second. You were allowed to store up to 500 gigabytes of data on the free server, and you could purchase whatever you needed for a nominal fee. By 2003, sales of PC's were practically nil, and practically all data was stored on the Network main server. Now, four years later PC's are nonexistent, all corporate databases, files, memos, mail and other information is online. I actually helped design most of the new corporate intranet security measures. In the last 10 years, the Internet has changed from a small community to a infinite corporate data bank. But now all of that data has been deleted, and the security of the Network, and the world has been compromised. I had to work fast.

* * *

Rick Iverness relished in his latest feat. Singlehandedly, he had effectively disabled the entire United States. Global chaos would result because of him. Him! Everyone told him he would never make anything of himself. They were wrong.

He laughed to himself. He laughed at the business leaders, who tomorrow would wake up and discover that there was no record of their existence. He laughed at the people, who had lost their identity. Birth certificates, drivers' licenses, legal documents, all was gone! Mostly he laughed at the government, who would try to sort out the mess. They wouldn't be able to, of course. The world was poised for at least a month of total chaos. Perfect.

It was a joke, a stupid joke that started it all. He was at lunch with a programmer and they started to comment about what would happen if the Internet crashed. From that moment Rick became obsessed with the idea of crashing the Network. He neglected his other duties. He talked to other hackers, programmers, even some close friends, trying to get ideas. He amassed a large quantity of information on how, the question was when? It had been quite easy to break in once all the preparations were in place. Before he downed the Hub, he broke into the NCSA server and looked at the security mechanisms that were in place. Then all he needed to do was to create the worm. To create his virus, he needed to reverse-engineer the Java Compiler to take out any of the safeguards that Netscape had implemented in its 8.04 release. Next he had to program the virus to overload the NCSA system. He had to cover his tracks, of course, in case something went wrong. Eventually, he dropped off the package using a Swiss router, and sent it, encrypted as a HTML file to the main server. The next person to access the NCSA page would trigger the virus. It was perfect, and they would never find out it was him.

* * *

4:25 am EST

Due to the destruction of the network resources, it was necessary for me to fly to the NCSA HQ in Orlando to inspect the problem. Normally a simple Telnet login from my home terminal could investigate the security parameters. I arrive at the NCSA HQ and am met by a frantic nerd with taped glasses and a pocket protector. He is holding a clipboard and waving it about. His security name tag reads Blaine Webber.

"Thank you for coming on such short notice Dr. Robson" he greeted me.

"I was under the impression it was an emergency."

Blaine hesitates for a second. "Yes, yes it is an emergency. A dire emergency! he accents for effect. The future of the world is at stake!

Well, I'm wasting time just standing here with you. Take me to the main server and I'll have a look around.

He leads me down the hall. Dr. Robson, the main server has failed. That is our problem !

Do you have a disconnected workstation?

Yes, we do, but I must warn you, it is ancient technology, I doubt that it could handle the task we have in hand". We pass a number of security clearance checkpoints and fingerprint locks, but none are functional because of the crash. We walk for what must have been a mile before arriving at a large translucent glass doorway. Blaine reaches for his passcard , but realizes that the computer lock has failed. Stuck onto the door are the words HIGH CLEARANCE AREA - EMERGENCY USE ONLY. Blaine reaches out and pushes the door open.

Inside the room is a solitary Intel Pentium 200 Mhz workstation, a relic in this age of 10 000 Mhz systems. I walk towards it and flip its switch. The computer whirrs and eventually takes me to the DOS prompt. I'm forced to try to recall my Computer Science courses from university to remember how to use this system. Eventually, it all comes back to me. I typed dir and keyed on a file named "DIAGNOSE.BAT". The hard drive churns. The diagnostic screen comes up, showing a menu. I select the "List Contents of Server" option. Examining the list I turn to Blaine. "This list is from about 3 yesterday morning . Is there anything more current?"

"Sorry Dr. Robson, the list backs up at 3 each morning. Normal security precaution, you know".

What was I supposed to do? Usually you could follow the data trail from the breach to the perpetrator. In tracing any hacker, seconds meant hours and hours meant days. Yet in this case the tracing tool was destroyed, and an 22 hour delay between the breakin and the final trace meant that this case would be next to impossible to solve. I shook my head and sent the file list to the printer.

* * *

In Rick's study, the television was on. Only the public television station remained, as it did not carry a digital signal, and therefore was unaffected by the crash. The program looked almost 1990's ish, with the old system of blending red, green and blue colours. Rick had lived through those days, and enjoyed the nostalgia. He had opposed the Open Network Act of 2001, the bill that placed the Internet in the government's control. Rick longed for the old Internet, the Net of the 1990's, an anarchy where anything goes and everything did. The old Net was run by the people, the people decided what they wanted to put on the network, the people did as they pleased. Now you can't even put up a homepage without the government censoring it first. Gone are all of the hacking sites, step-by-step guides on manipulating pay phones and the like. The Open Network is like some damn Disney movie, no one ever says a bad word, or causes any controversy, they just all live happily ever after. It truly was the "Open Not-Work", the phrase the hackers used when referring to it.

Well, he changed that. The crash was not the end of the Internet, it was its resurrection. Thanks to him, the Wild Net will return, and the government will be powerless to stop it.

* * *

9:00 am EST

The official press release from the NCSA was handed out to all the major newspapers which still published paper editions. It gave a general statement that the network has been shut down "for security reasons" and may not be back online for another week. It made no mention that all the data stored on the server had been lost. The press release recommended closing all "Network based" businesses until the problem was sorted out. The stock markets as well as other major corporations had issued releases that they would be closing until the Network was reopened.

That was the official version but I was in Orlando, in a meeting room with the Open Network Security Head trying to find out what went wrong. We welcomed each other and then got right down to business.

"What did you see when the system died?" I asked.

"Blank screens across the board. The systems froze, everything just died, no error messages whatsoever."

This was going to be harder than I thought. No sign at all at the moment of break down. "What were you doing when it crashed?" I asked. "What program were you in?"

"I was just doing routine diagnostics."

I needed to find out how the hacker got into the system! "Were there any remote accesses last night? By anyone?"

"I remember that an employee logged in at about 8:45 last night".

"Do you know their logoff time?" I doubted that he would, but it was worth a shot.

"Uh, I think it was around 9:30. That was the last remote login."

I'm grasping at straws here. "What about the Web site?"

"You can't get in from a Web site!" he points out. I'm not so sure.

"How many hits did you get last night?"

"Don't know the exact number. I think our web guy said we set a record or something. But I don't see how it's relevant" he added.

"Where is your Web guy? I need to talk to him".

* * *

At the time of the Open Networks Act, hackers across the world had united by setting up private servers that contained, free of censorship all the content of the government server plus individual content of their own. Since the technique involved breaking into the NCSA server, the government cracked down on these "pirate servers", closing down all that were still in existence. The server operators were charged with information theft, indecent use of a computer network and unauthorized access to a computer network. No charges were ever laid, but all of the pirate servers were given an ultimatum to cease and desist.

Now the tables were turned. When Rick related his plan to a friend known only as "Reaper of Death", Reaper said that this was an amazing opportunity to set up new pirate servers, only this time the pirate servers would be the norm rather than the alternative. Both of the hackers saw that they could crush the government once and for all, with their damn "Open Not-Work" plans.

Rick typed in the login name and password that Reaper had given him. He then opened up his new Web page and pressed the Send button. In about half a second, the page was on Reaper's new server.

The Dissolution had begun.

* * *

5:00 pm EST

I have been milling this over in my mind for the last 8 hours. There was a remote login at 8:45, the crash was at 1:20, and there were about 50 000 hits to the NCSA Web Site from about 5:30 to the crash. A file list exists, but it's from 11 hours before the breakin. My interview with the World Wide Web Security Head turned up little, and after inspecting what was left of the network I was no closer to a solution than I was this morning. I leafed through the file list, looking for something. I didn't know what, but I just hoped that the missing link would suddenly materialize. That's the way it is with a lot of computer security work, but usually there's something that you can go on. My eyelids were dropping regularly, as there's nothing more boring than reading through a list of names. I had Blaine get me an espresso to keep me awake. When he returned with my coffee, he had a message for me.

"Ed in Web Development thinks he might have found something" Blaine informed me. I jumped out of my chair and asked to see him right away. A minute later, Ed and Blaine came into the room. Ed was holding a stack of printouts. He tossed one on the table and pulled up a chair. I picked it up and looked it over. It was a printout of the HTML code for the NCSA page.

I asked Ed about the printout. He responded. "That is what our Web site normally looks like." Nothing abnormal about the code, I couldn't see any point in this discussion." Just as I was about to scold him for wasting my time, he pulled out another printout. He threw it on the table just like the last one. This one was essentially the same, and was time stamped 20:43.26 02/16/2005. Ed took it and pointed out one line of code. It read:

<APPLET> AP34.CLA

</APPLET>

To the untrained observer, it was just a simple Java applet declaration. Yet, I felt that it could be the missing link. Java applets are mini applications embedded in Web pages that execute automatically when a page is accessed. While they have many legal uses, they work well for hackers, as they can create applets that load viruses to the innocent user's computer. Or send malicious data packets across the Network.

"What does this applet do?" I asked.

"We're not really sure. It's not ours, and it wasn't there before yesterday. What we're sure that it did was to access our page about 50,000 times last night, which may have caused the crash."

"Do you have the applet?" I asked, just making sure.

"No, it's gone with the rest of the system."

"Thanks a lot Ed. Keep looking around, we're bound to find clues if we look hard enough."

Ed left to search around in the wreckage. The pieces to the puzzle were starting to fit together. The way I saw it, at 8:43, the hacker slipped in the worm, which started the crash process. Finding what was involved in that process was my next ordeal.

* * *

The pirate server had grown from the original 2 members to the bulk of Washington's hacking community. All of the elite gathered on a special chat room to officially open the server. The members commemorated the return of Network Freedom. The party progressed smoothly.

Once all the members had made themselves comfortable, Reaper announced that he had a special guest joining them. The others chatted amongst themselves, trying to figure out which important person had already joined their new Net.

At this time, Rick logged on to Reaper's room. He used his normal handle of "Striker". Reaper told the guests to stop typing. Most complied, and those who didn't were kicked off. Then the guests saw :

<Striker> i killed the open not-work

The guests erupted in a open display of joy. Cheers were typed out by everyone in the room and the ^> sign (applause) was typed for at least 5 minutes. Once the cheering died down, Reaper gave a rousing address to the people about how that Striker had undermined "the Evil of Authority" and brought back their freedom. Applause broke out after every line Reaper typed, and some had to be temporarily kicked because Reaper could hardly speak through the chaos. At the end of his speech, Reaper stated that because of his great, heroic deed, that Striker should be given the handle of MasterOfElite, Ruler of the Hackers. The guests indicated their approval with more thunderous applause. When the ceremony had been complete the guests finally saw :

Striker (144.32.53.543) is now know as Master#Of#Elite*

The applause continued for over an hour. After about an hour, Rick made a speech of his own, which was met with applause for another hour. Eventually, Reaper had to shut down the chat room but before doing so, he typed that the MasterOfElite would be lecturing in the same room the next day. Many promised they would attend.

Rick enjoyed his new-found fame. He felt accepted. The crash was an exciting adventure in itself, but to be lecturing to the master hackers of the world and having them take in every word? This was too much! For the first time in about a month, Rick shut off his computer and went to bed, exhausted from his exploits.

* * *

9:30 pm EST

I had been viewing printouts of the NCSA's Web site access records, searching for a link to the mysterious Java applet when Blaine appeared again in the door.

"You have a phone call Dr. Robson. Secure line." Blaine passed me the receiver.

"Dr. Robson, this is Ian Wellington, Computer Crimes Undercover Division, FBI. I have some disturbing news."

What could be worse than the destruction of the entire Network? "What is it Mr. Wellington?"

"The hackers are using the, er situation, to drum up support, or I guess dissention to the Open Networks Act. They've already set up their own network, and just had a big pep session on a chat room there."

"Aw shit, just what we need. The entire goddamn network goes down and we've got to worry about the hackers revolting." I was getting upset. This had far reaching implications. If the hackers set up their network before the government Net is back online, they'll have power over us. "Knowledge is Power" Bill Gates once said, and if the information resides on a hacker server, we'll have the same anarchy we had back in the 90's.

"There's more. The guy that crashed the Network gave a speech."

"How can you be sure?" I don't have time right now to listen to the FBI making conclusions based on no evidence.

"The Sysop, a guy named Reaper introduced this guy, big fanfare and all that shit, then your hacker, whose handle is Striker by the way says he crashed the Network. All these hackers start clapping for an hour then this asshole spouts some "Network Freedom for All" bullshit, which -"

"Did you track the IP?" I'm referring to the Internet Protocol Address, which will tell me where the connection is coming from. Any decent hacker will route their connection through different routers, so it's not as useful as it sounds.

"Yup. A Swiss router, Internet, not from this guy's server."

"European network is still online?" I thought that the global network was down.

"Anything that goes into or comes out of the States is screwed up. Switzerland has no outside connections, so they're online. No American connections are being allowed from anywhere though."

"Can we shut them down? If we can kill the pirate network, we can minimize the damage".

"Not legally. Before, they were breaking into the government server and stealing the information, but now it's all on their own server. They're not breaking any laws. Technically it's a private network. You can do anything you want."

"Shit. Well, keep on it, I'll look into this."

"Ok, thanks Dr. Robson". He hangs up. I tell Blaine to fetch me a laptop with a modem linkup immediately.

"Uh, Dr. Robson, there are none on the premises. We're usually all networked you know".

"I don't care how you get it, just hurry up. I'm going to track the IP of this Striker guy." Blaine hurries out. With that one phone call, we had a name, an IP and a much clearer picture of what happened early this morning. What worried me, is that if we couldn't break this guy, and quick, we would have a full blown international crisis on our hands.

* * *

It took only about three hours for Reaper to wire five other pirate servers into his own master network. The population of FreedomNet was now up to 20 000 members in just 12 hours. It was only days now before the balance of power would shift into the hands of the Freedom Fighters.

* * *

1:30 am EST, February 18th 2005

The laptop arrived about three hours after I had asked for it. Blaine apologized for the delay, saying that they couldn't find an analog modem (they hadn't been sold since HNSB was introduced). I booted up the system.

"How are you going to track the IP with the Network down?" Blaine inquired.

"I'm going to send a login request to the CIA server, and Telnet into Interpol in Europe."

"Isn't the entire Network offline?" Blaine seemed surprised that the CIA would be isolated from the main server.

"The CIA network was taken offline manually once we heard about the crash. I can turn it on remotely, Telnet to Europe and then get into the Swiss server." I grabbed a disk from my briefcase and inserted it in the floppy drive of the laptop. I answered yes to the Activate Network? prompt and waited.

Server CIA_SEC18 Has Responded to remote activation.

Username: srobson

Password : ****************************

Please wait........ Authentication Accepted, Server Activated

Close RemoteLog and Logon Normally

You have 20 minutes.

"Why only 20 minutes?" Blaine asked.

"If the server's been shut down, I'm only allowed enough time to fix it Then it goes back offline for security reasons." I pulled out another floppy and copied it to the hard drive. "That's my security authentication data and comm software". The copy complete, I loaded the comm program and logged on normally. I entered my remote activation password and my access code. The program responded :

You have 16 minutes.

I activated the remote login to Interpol, which went without a hitch. I typed in the IP that Wellington had given me, grabbed another floppy and activated its security bypass program. The server was taken offline, and I got another message.

From SecBypass :For security reasons, you have 5 minutes or less.

The Swiss server had too many files, I couldn't possibly go through them in 5 minutes. But I would have to try. I clicked on the directory named 0216, hopefully a date reference. I needed to enter another password here, so I ran SecBypass again.

SecBypass Warning : You are not alone.

Shit, shit, shit! I quickly typed flist .cla, which would list all of the Java Class files on the server.

SecBypass Alert : You are being disconnected. Sending Temporary Jam,
you have 10 seconds.
I panicked as the file list scrolled down the screen when I saw it.

AP34.CLA 02/17/2005 File 02:43.21
> receive ap34.cla

Sending AP34.CLA to 89.34.214.321 : 5 seconds remaining
 

SecBypass Alert: Jam has failed. Disconnect now.
Hurry, hurry, hurry! I was worried that they'd track me.

Download complete.

I killed the Telnet session and closed the program. Before viewing it, I checked the applet for viruses. There were none (except of course the one that brought the Network to its knees). I also checked the SecBypass Log.

SecBypass Log : Session Start 02/17/2005 21:48.12
Sent Warning
Local Login : RichardS
Sent Alert
Local Activation : KILL.BAT
Local Activation : TRACE.EXE
Sent Alert
Sent Temp. Jam
Jam Failed
Sent Disconnect Alert
Tracked IP : 89.24.214.321
Disconnected 21:53.45 02/17/2005
End Session

So I had been traced. That meant that I couldn't use the CIA server anymore. I opened the Java applet. It was signed by Striker, and was stamped with his IP. Two lines of the code caught my eye.

LOADPAGE [WWW.NCSA.GOV];
FOR Packet := 1 TO DO

SEND WORM.EXE:
UNTIL PACKET;

An infinite loop that sent data to the NCSA server and overloaded it! What data was the main question. I called Wellington and asked him to check out the IP on the applet. If we found WORM.EXE we'd know a lot more about how to foil the perp. Yet, how he got in is not as important as how we stop him. And I have a master plan that could beat him at his own game. I ask Blaine for another laptop, open a Java compiler and start coding.

* * *

The emails had been coming into Rick by the thousands since his big address on the chat room. However, one email was from the administrator in Switzerland that kindly allowed him to use his server for the breakin. It read:

Striker, the bastards are on to you. IP 89.24.214.321
CIA.

While it could have been a mistyping of CYA, or the acronym Cover Your Ass, Rick suspected that it was not. He fired up his comm program and got out his applet. He logged into Reaper's server and typed in the IP listed in the message.

Domain Name not Found.

What the hell was this! He tried again only to get the same error. He looked back in disgust and emailed Reaper to disallow that IP and to kill it if it attempted to logon. Reaper emailed back, saying that he would beef up his security. For the first time, Rick was worried that his plan may be foiled by the institution it was supposed to crush.

* * *

3:30 am EST

Another laptop arrived. I hadn't slept for over 24 hours and even the stimulating effects of the espresso's were beginning to wear off. I asked Blaine to bring me another one and called Wellington.

I wasted no time. "Mr. Wellington, I need your IP address."

"Here it is, 140.35.24.65. Is that everything?"

"Do you have an account on the pirate server?"

"Just for undercover purposes, why?"

"I'm going to go in and break them from the inside. I think that if we can find its location, we can get this guy." He gave me his password and username. Blaine returned with the espresso. I took a sip and then started the new laptop. What I needed to do was to set up multiple IP addresses, so that if Reaper or Striker tried to kick us, we could just reconnect on a different IP. My goal was to find the WORM.EXE file that was used on the NCSA and to track the location of the pirate server. Once we had the electronic location, we could determine where the server was located physically. I took out my selection of cracking disks and loaded them onto the laptop. I had to modify the code in SecBypass to allow me to instantly reconnect on another IP as soon as I was jammed. Other tools I had were a decrypter for deciphering hidden files, LightCode, which sent random passwords to the server at 500 million passwords a second until the correct one was picked and a remote login feature that I could activate anywhere on the server. The Java applet was also ready. I took a deep breath and connected to Wellington's system, and then to the server.

Your IP is : 140.35.24.65

FREEDOM NET AUTHENTICATION
Username : Galvanizer
Password : *************
Welcome to FreedomNet Galvanizer.
Select an Option
1. Chat 2. Web 3. FTP 4. Telnet 5. Logout > 5

I needed to logout so that I could use the same IP and activate SecBypass. I loaded SecBypass and reconnected.

Your IP is : 140.35.24.65

Beautiful. I was into Reaper's account.

SecBypass Warning : You are not alone.

Well, that didn't take long. I returned to SecBypass and selected Form Alias. At UserName I typed Galvanizer. Now all of Reaper's access privledges were copied to Galvanizer's account. I killed the connection and logged back on.

Your IP is : 34.67.233.572
I logged in as Galvanizer. The alias worked, I had Sysop access.

> flist
The file list displayed on the screen. I found the directory for Master#Of#Elite* and opened it.

Password Required for this Directory :

I ran LightCode and accessed the directory. I typed flist worm.exe.

File not Found
SecBypass Warning : You are not alone.

Reaper had figured out what I was doing. I logged out, created another alias and connected again.

* * *

Network Access from IP 43.26.345.327
Username : Killer
Password : ********

Who the hell was Killer? Reaper wondered. He was worried. Three logins, different IP's and one regular user suddenly had access to system files. He typed :

>peek user: killer

Peek Results
Directory of Master#Of#Elite
This asshole was looking at the Master's files? Well, so much for him.

^C
> kill user : killer
User killed.

Reaper leaned back in satisfaction, until he saw :

Network Connection from IP 56.326.43.29
Username : Deathlok
Password : ***********
> flist \priv\user\master#of#elite\
> kill user : Deathlok
Error : User cannot be killed

Who was this guy? Reaper was going crazy. Was this the CIA bastard the Master warned him about? He ran another peek.

> userlist
User List for Freedom Net
What did he want with the user list?

Notice : Your connection has been killed by Sysop
"I'm the goddamn sysop!" he yelled out loud. Reaper reconnected.

Sorry, your account has been locked out. Disconnecting.....
* * *

> delete user : reaper

User Deleted.
I then recreated the Reaper alias using SecBypass. This was beautiful, one hacker against another. But the Master was not logged on, so I couldn't get into his private machine. But I had a plan to lure him online.

Notice : Network Maintenance in 5 Seconds. Please logoff
Oh, no you don't. I started RemoteLog, and turned the server back on. I recoded the utility so that I had no time limit, plus I locked the server so that it would not turn off unless RemoteLog was closed. I returned to the pirate server, logged on as Reaper and typed mail. I sent off a message to master#of#elite@freedom.net. It read:

Bastards on to me. Trying to shut down server. Log on and help stop them.
Authentication Code : 543#XJRKJLFEJ#456
Reaper's Authentication code was automatically appended to the message. For the rest of the plan to be successful, Striker needed to fall for my ruse.

* * *

Rick was glad that his computer was set up to beep like an alarm clock when new email came in, especially when he saw that it was an SOS from Reaper. The government thinks that they can defeat him. Well, screw them, he laughed as he logged into Reaper's server.

* * *

> peek user : master#of#elite

As soon as Striker logged on, I felt a surge of elation. Not only had he fallen for my bait, but he summoned me into a private chat room as soon as he logged on. I needed to run IPMask to make my IP appear to be the same as Reaper's before I joined him.

<Master#Of#Elite> What's the prob?
<Reaper> cia bastards
<Master#Of#Elite> what'd they get?
<Reaper> they killed FREEDOM NET
<Master#Of#Elite> did they get the worm?
<Reaper> not yet, i'm sure they'll come back
<Master#Of#Elite> kill the server
<Reaper> they can turn it on yet, you need to give me the worm and
 i'll hide it
<Master#Of#Elite> i'll just delete it, just a sec
<Reaper> NO!

I waited for 5 seconds. When nothing came through, I was worried. I can't let him delete that file! I'm going to try a remote login to his workstation. I start the Telnet app and wait.

Connection Accepted
>flist worm.exe

* * *

Connection by 12.78.346.285
Huh? Why was this IP connecting to my machine? It wasn't Reaper's so who was it?

>peek ip : 12.78.346.285

> recieve worm.exe
Sending WORM.EXE 2 seconds remaining
He'd been tricked! This wasn't Reaper, it was the CIA bastard! He flicked off the computer.

You do not have access to take this computer offline.
Shit!!!! What the hell is he doing?

> peek ip : 12.78.346.285

WORM.EXE transferred successfully

> recieve loghist.txt
Sending LOGHIST.TXT .... Successful!

The Log History file of the IP's he used to drop off the package!
Shit!
> kill con local
Local Console Killed
Rick pounded on the keyboard, but nothing came out. "YOU GODDAMN ASSHOLE!!!!" he screamed.

> ping current
Address is 162.24.254.51

Rick was dead. The CIA bastard had killed his dreams, tricked him into letting him logon to his station and now knew his exact location. The cops would pick him up any minute now. He looked at the screen in despair.

> send ap35.cla
What the hell was this? The worm was AP34.CLA.

File sent.
Formatting.....

The applet, shit, shit, shit! The asshole programmed it to format his drive! Rick frantically tried to Control-Break the applet before remembering his console had been killed. What else would this CIA bastard do? All his data was gone, not that it would be of much use where he was going. But all of these assaults to his dignity, his reputation as a master hacker while he was powerless to stop it.

Format Complete.

And then the final insult :

SRobson is now known as Master#Of#Elite.

This was too much for Rick. Not only had his dignity been stripped away, but also his title that he had risked everything for. He threw open his apartment window and jumped.

* * *

Using the IP's in Rick Iverness' history file, most of the data lost in the crash was recovered and the Open Network was brought back to its previous glory. William Cobb, alias Reaper was arrested and charged with being an accessory to unauthorized computer access. The Swiss server operator, Sam Richard was charged with the same crime, and is to be extradited to the United States. For their roles in assisting with the investigation, Ian Wellington and Ed Bacon were given jobs in the CIA Computer Crimes Department. Blaine Webber, assisted by George Nixon Head of Computer Security are coordinating a global mandate to ensure that this doesn't happen again.

And myself? I was offered a post in the Department of Defense for my efforts but turned it down. I think that i'll just take my gold watch and retire. After all, I am Master#Of#Elite, and what more can I ask?