The guest keynote speakers at technology conferences can be hit or miss, but Hitachi Data Systems (HDS) Canada (NYSE: HIT) certainly scored a hit by bringing in Michael Calce, aka Mafiaboy, to speak at its recent Information Forum event in Toronto.
Calce, who rose to prominence as the teenage hacker from Montreal who was the target of an RCMP/FBI manhunt following a massive directed denial of service attack that brought down the Web sites of major companies such as CNN, Amazon, Dell and Yahoo in 2000, provided a fascinating recounting of the events of a misguided youth, and a chilling warning of the dangers of over-sharing in the information age we'd all be wise to heed.
Calce got started with computing early, getting his first white box PC when he was six. He worked his way through it, devouring the manual and learning the technology, fascinated by the capability to play games and store data. Like a good Canadian, when he began to dabble in programming the first application he wrote was a program to store and keep track of his hockey card collection (he's a Montreal Canadiens fan).He first got onto the Web at age nine, and we can perhaps trace his troubles back to one of those ubiquitous annoyances of the 1990s: those America Online CDs that littered our junkmail, offering 30 days of free AOL service. Calce said he was fascinated by AOL and the online interaction it offered him with people around the world.
The problem was he didn't realize that it was only the first 30 days that were free. Calce was paranoid he'd lose access to this new world he'd discovered. He was already using AOL to look for cracked versions of games (warez) because “he didn't want to ask his parents for more, they'd done so much already” and, with his free trial running out, he found an application that allowed him to “social engineer” people on AOL.He was able to pose as an AOL administrator and contact users, telling him there had been a power outage and he needed them to provide their account information.
“I was surprised that I was successful the fourth time I tried it,” said Calce.
His career launched and AOL access assured, Calce had his first encounter with a real hacker when he ran into a more powerful user while he was “talking smack” in a chat room. In retaliation, that user “punted” him offline and severed his AOL connection temporarily.
“I was fascinated that more capability existed, the ability to overload with data to sever the connection. I went down the rabbit hole,” said Calce.
He soon graduated from AOL to IRC chat, looking for more cracked games to download. Finding long lines of people waiting to download the pirated software, he started looking for ways to skip the line. By this time he was losing focus in school, sleeping through class and staying up all night online. Eventually he found an IRC channel that was recruiting hackers, and convinced the leader to let him learn and give him a chance. He was 11 years old.
“I felt privileged that someone was willing to give me a chance,” said Calce. “It's really hard to start out in the hacking industry.”
The group was looking for hackers to co-opt public high speed networks like schools and use them as servers to distribute pirated software. It was all about notoriety, he said, not public gain.
“Back when I was hacking the objective was just to hack something to say you'd hacked it,” said Calce. “Today, everything is about monetary gain. Hackers have completely changed their psyche.”
When his IRC hacking group disbanded after its leader disappeared Calce became a self-described “mercenary” in an ongoing IRC war. With everyone doing denial of service attacks he decided he's better “get suited-up” but there was only so much he could do with his Pentium 133 and a dial-up connection, often with 80 telnet windows open simultaneously. He decided to build a network of “slave” computers, controlled by a master computer, in early 2000.