UA graduate suspected of computer fraud

By Joseph Altman Jr.

Arizona Daily Wildcat

A UA graduate was accused of breaking into other people's computer accounts, raising concerns of network security on campus.

In a letter to the dean of students, Brendan Johnson, president of the Hardware And Computing Knowledge Society, said Sunarto Jeh's account was removed from the system that HACKS operates. Jeh graduated in December, but still had access to his account while residing in Chicago.

The account was removed last week after a HACKS administrator discovered a program in Jeh's account that can be used to break into other people's accounts.

In the letter, Johnson states that the program was "written by (Jeh) to assist him in breaking into other people's computer accounts and in harassing them."

A number of people reported their accounts were broken into early last week, Johnson said. That prompted HACKS to search for suspicious programs.

The program that was found is called a "sniffer," designed to capture information from a user's terminal. This allows the program's user to see another user's keystrokes, which can be used to discover the user's password. The program can also blank a person's screen or disconnect them from the server.

However, Jeh said he meant no harm by using the program.

"I got that program from a UNIX security newsgroup," he said. "People all over the world can get the program."

According to the letter to the Dean, a line in the program states, "The whole point of this exercise being that I shouldn't be allowed to manipulate resources which do not belong to me."

Jeh only used the program to

show Dorbin Ng, a research assistant in the University of Arizona Computer Engineering Department, that there is a "back door" to the UNIX system, he said. By using the program, he hoped to develop a way to close that back door.

Ng is the administrator of two systems on campus. Ng confirmed he was working with Jeh to see the types of security threats present and see what he could do to prevent security breaches.

Jeh said system administrators have never responded to his questions and he "does not have a clue" about the claims against him.

"I never got into someone else's account that's a definite thing," Jeh said. "This is not fair because they never really explained things to me."

While the Dean of Students Office would not confirm nor deny that they are investigating Jeh's case, assistant dean Veda Hunn said the office has handled "a small number" of computer misuse cases, and the office has imposed sanctions upon students in the past.

Mark Westergaard, principal computing manager for Center for Computing and Information Society user support, said breaking into other users' accounts is becoming more common.

"It's so common that people are using computers to find other people's information that it's driving us crazy," Westergaard said.

"This is the first time we've caught somebody," Johnson said.

In the letter to the dean, Johnson has asked for Jeh to be suspended from classes for this semester, however, the Registrar's Office confirmed there is no record of Jeh's enrollment at the UA.

Johnson also said Jeh's alleged actions are a violation of federal law and CCIT policy. No charges will be filed with police because "the Pima County Prosecutor won't touch it," he said.

"Pima County has too much to do already and the guy is in Chicago," Johnson said.

Dick Ecelbarger, director of computer operations for CCIT, said there are large gray areas in law and policies concerning the Internet, and while the UA's student code of conduct and classified staff and personnel policies deal with computer security, civil and criminal law is less precise.

According to Arizona Revised Statutes, second degree computer fraud, which includes the unauthorized access of or damage to hardware, software or data, is a Class 6 felony punishable by a maximum one-year prison sentence and a fine of up to $150,000.

CCIT has referred incidents of hacking to law enforcement agencies that have performed investigations, Ecelbarger said. In one situation, the case was forwarded to the County Attorney's office, but it decided not to prosecute.

Sgt. Brian Seastone of the UA Police Department said UAPD has investigated "a couple" of computer fraud cases, but none of them have been prosecuted.

Westergaard said a big problem is that programs such as the one found in Jeh's account are becoming easier to get a hold of on the Internet, which can be a problem for system administrators.

A new program called "SATAN," or Security Administrator Tool for Analyzing Networks, was just released this week and is available through shareware, he said. The program tests for known security vulnerabilities on a network a useful tool for system administrators, but also can be used by hackers to crack a system.

Ecelbarger said the programs are legitimate tools, but also can be used for the wrong reasons, like in the HACKS case.

"We've used that program to help (users) solve a problem. If they're trying to run an application, we can either go to their office to look over their shoulder, or we can run one of the programs," Ecelbarger said.

"It's probably a beneficial tool that someone has tweaked in an inappropriate manner," he said. "It's a tool that's supposed to be good for you, but in the wrong hands or in an inappropriate manner it can be used against you."

Read Next Article