"It was obsessive," Nick later explained. "Five or six hours can seem like five minutes." He drank coffee and Coke and ingested caffeine tablets to keep going.
"When you get into a system, you must keep going. It might take four or five hours to penetrate the defenses and another four or five hours to protect the position that has been established. If protection isn't put into place, then the earlier work could be wasted." The challenge was in beating the system; success came from staying awake. It gave him a feeling of power: he enjoyed knowing that while the designated sysman thought he controlled the computer, in fact it was himself, Nick, who had manipulated system-manager status and was really in control.
Nick compared hacking to a game of chess, a battle of wits between himself and the system, nothing criminal, just a game.
The excitement comes from knowing that a computer in the bedroom at home can be used to break into multimillion-dollar installations. There's the thrill of exploration, of going around the world electronically. The objective is to try to gain the highest status within the system, that of system manager, and once there, to begin making the rules instead of following them. If the system manager blocks one way in, then you find another. It becomes a game with the systems manager; the hacker's goal is simply to try to persuade the computer that he should have increased privileges.
One person who didn't see it as a game was Bob Jones, the chief programmer at Queen Mary College. A tall, well-built man with beard and glasses and an academic uniform that sometimes runs to jeans and T-shirts, he had been at the college since 1968, first as a physics student, then staying on to work full-time at the QMC computer center after earning his degree in 1971.
He worked out of a large office on the top floor of the computer science block, a nondescript concrete shell of a building in east London. His office was near the computer center, a cramped room packed with mainframes, some of them ICLs. In the room's center were eight consoles set up on adjoining desks, which al- lowed the activities of the mainframes to be monitored but were usually unmanned, particularly at night.
Jones first realized that the QMC system had been breached by a hacker on February 19, 1988. He had heard reports from colleagues at the Universities of Glasgow and Hull that their own systems had been hacked by someone calling himself Alan Dolby. What he saw on his computer was a series of files that had been incorrectly stored in the memory, one of which had been labeled AD. He began searching for signs of further tampering, and he soon found it: the four OLAD user files Nick had created to give himself a smooth path into the QMC computer. The files appeared to have been created a month previously.
Jones immediately reported the intrusion to his superior, Jeremy Brandon, the director of the computer center, although it was clear that their options were limited. They could attempt to lock their hacker out by closing all of the OLAD files, but that might force the hacker to try more devious back-door methods to regain access. If he entered the system through such a method, they might not be able to find him again--and he might do some real damage. Instead, they decided to leave the files as they were and watch him, although they did remove the Mad Hacker's sysman status.
When Jones came into the office on the morning of March 30th, he found that there had been no work processed on the computer since about two A.M., when the scheduler (the program listing the priority of jobs) had failed. Its failure coincided with a successful hack of the system made by OLAD028.
Jones and Brandon decided to record future intrusions on a dedicated journal within the computer. They also decided to wipe out three of the user-names, leaving only OLAD028, the one the hacker had consistently employed. It would be easier to track him this way.
By this time the hacking incidents had been reported to QMC's head of security, who passed on the information to Scotland Yard's Computer Crime Unit. Although established in 1971, the CCU had until 1985 consisted of only one officer. Then, as computer crime escalated and the government became concerned about the vulnerability of its own systems, it was eventually enlarged to four officers-- still not a big force, given that Scotland Yard can be called in on cases anywhere in Great Britain. The unit is headed by John Austen, who was the officer assigned to investigate the Mad Hacker affair.
