At first, Chaos was just another "information provider" on Btx. Subscribers to the service could dial up and read pages of information supplied by Chaos on their home computers. Users vere charged at a premium rate for the calls, with proceeds shared between the Bundespost and Chaos. This seemed a good recipe or making money--until one of the computer wizards at Chaos discovered that security on the system was hopelessly weak. He realized that if a hacker broke into Btx, he could get hold of the Chaos ID and password (used by the club to access and update the information on its pages), then dial up other services and ~ddle Chaos with the cost. With a minimum of 10 marks per call, bout $6.80, the amount involved could soon become astronomic.
Chaos's founder, Wau Holland, and a younger member of the club, Steffen Wernery, then aged twenty-two, decided to go public with the discovery. The two contacted Hans Gliss, the managing editor of the computer security journal Datenschutz-Berater ("Data Security Adviser"). Gliss invited Holland and Steffen to attend an upcoming conference on data security and present their information. But at the meeting Bundespost representatives disputed the club's claims, unwisely stating that its Btx security was impenetrable. It was the cue for Chaos to demonstrate otherwise.
The Chaos team hacked into the Btx system and into the account of their local savings bank, the Hamburger Sparkasse. They then introduced a computer program they had written, causing the bank to call up the Chaos Btx pages repeatedly over a ten-hour period. The program was simple: it merely called the Chaos Btx number, waited for an answer and then hung up. Over and over again. After ten hours, the bill for the bank came to almost $92,000. But although the bill was never presented, the ensuing publicity carefully orchestrated by Chaos through the German press agency--forced the Bundespost to improve its computer security, and Holland and Steffen became national heroes.
The publicity increased Chaos's notoriety; its first annual congress was organized as a result of the coverage engendered by the Btx hack. Chaos became a byword for high-tech mischief, and its congresses became an important breeding ground for the German computer underworld. These congresses were always held during the week after Christmas at the Eidelstedter Burgerhaus on Hamburg's Elbgaustrasse. The events lasted for three days, and press and visitors were welcome, provided they paid the entrance fee.
In 1985 one of the paying visitors was Karl Koch. Steffen remembers seeing him there and being introduced briefly. He is also certain that they also met on one other occasion, at a hacker conference at an exhibition in Munich. Koch was an unmistakable figure: tall, emaciated, and invariably spaced out.
For the next three years their lives would crisscross in a complex dance. If Koch had seen the pattern, he would have understood. It was the Illuminati, faceless, unknown, all-powerful, conspiring to take control of Steffen's life.
Koch's purpose in visiting the 1985 Chaos congress was to seek out certain information on computer systems and networks. Despite his years of practice, he himself was a second-rate hacker. He had come to realize that he was not a born computer wizard; he needed assistance. He was coming under increasing pressure from Kahl to find and copy classified material from computers in the West, and his money was running out just as his dependency on drugs was increasing: from the relatively harmless hashish favored by many hackers, he had graduated to LSD and cocaine.
At first the Soviets had seemed incredibly naive: Koch was able to pass Kahl public-domain software, programs he had simply downloaded for free from electronic bulletin boards. The KGB had accepted the software, and Koch had received payment. It seemed very simple, and he assumed he wasn't doing anything illegal: after all, public-domain software is freely available to anyone who wants it.
But then the Soviets became more demanding. The KGB had produced lists of programs it wanted to obtain and sites it wanted cracked. They also wanted dial-ups, user IDs, passwords, and instructions on how to gain system-operator privileges in computer systems. In short, the KGB wanted to learn how to become hackers.
