After identifying a suitable 1-800 number, hackers break into the system to take over a box or, better, a series of boxes. Security is often lax on voice-mail computers, with box numbers and passwords ridiculously easy to guess by an experienced hacker. One of the methods has become known as finger hacking: punching away on the telephone keypad trying groups of numbers until a box and the appropriate password are found. Ideally, hackers look for unused boxes. That way they can assign their own passwords and are less likely to be detected. Failing that, though, they will simply annex an assigned box, changing the password to lock out the real user.
VM boxes are more secure than hacker boards: the police, for a start, can't routinely monitor voice-mail systems as they can boards, while hackers can quickly move to new systems if they suspect the authorities of monitoring one they are using. The messaging technology of voice-mail systems lends itself to passing on lists of codes. The code line is often the greeting message of the hacker-controlled mailbox; in other words, instead of hearing the standard "Hello, Mr. Smith is not in the office. Please leave a message," hackers calling in will hear the current list of stolen code numbers. In this manner, only the hacker leaving the codes need know the box password. The other hackers, those picking up the codes or leaving a message, only need to know the box number.
It was ultimately a voice-mail computer that led the authorities to Doucette. On February 9, 1989, the president of a real estate company in Rolling Meadow, Illinois, contacted the U.S. Secret Service office in Chicago. His voice-mail computer, he complained, had been overrun by hackers.
The harassed real estate man became known as Source 1. On February 1 5th, two Secret Service agents--William "Fred" Moore and Bill Tebbe--drove from Chicago to the realtor's office to interview him. They found a man beset by unwanted intruders.
The company had installed its voice-mail system in the autumn of 1988. The box numbers and passwords were personally assigned by the company president. While the 1-800 number to access the system was published, he insisted that the passwords were known only to himself and to the individual box users.
In November 1988, during an ordinary review of the traffic on the system, he had been startled to discover a number of unexplained messages. He had no idea what they were about or who they were for; he thought they could have been left in error.
However, the number of "errors" had grown throughout November and December. By January 1989 the "errors" had become so frequent that they overwhelmed the system, taking over almost all of the voice-mail computer's memory and wiping out messages for the company's business.
The Secret Service recorded the messages over a period from late February to March. Listening to the tapes, they realized they were dealing with a code line.
The law on access devices prohibits the unauthorized possession of fifteen or more of such codes, or the swapping or sale of the codes "with an intent to defraud." (Fraud is defined as a $1,000 loss to the victim or profit to the violator.) On the tapes, the agents could identify 130 devices that were trafficked by the various unknown callers. They also heard the voice of a woman who identified herself alternatively as "Kyrie" or "long-distance information."
It seemed as if she was running the code line, so they decided to focus the investigation on her.
In March security officials from MCI, the long-distance telephone company, told the Secret Service that Canadian Bell believed "Kyrie" to be an alias of Leslie Lynne Doucette, a Canadian citizen who had been hacking for six or seven years.
In March 1987 Doucette had been convicted of telecommunications fraud in Canada and sentenced to ninety days' imprisonment with two years' probation. She had been charged with running a code line and trafficking stolen access codes. Subsequently, the Canadians reported, Doucette had left the country with her two children.
Later that month an MCI operative, Tom Schutz, told Moore that an informant had passed on the word that a well-known hacker named Kyrie had just moved from the West Coast to the Chicago area. The informant, Schutz said, had overheard the information on a hacker "bridge" (a conference call). At the beginning of April an MCI security officer, Sue Walsh, received information from another informant that Kyrie had a Chicago telephone number.
