Tech by VICE

Researchers Are Liberating Thousands of Pages of Forgotten Hacking History From the Government

Using FOIA, they’ve already published NASA’s official report about the infamous WANK worm.

by Lorenzo Franceschi-Bicchierai
May 10 2019, 2:47pm

Image: amesy/Getty Images

In 1989, just a few months after the web became a reality, a computer worm infected thousands of computers across the world, including those of NASA. The worm showed a message on the screens of the infected computers: “Your System Has Been Officially WANKed.”

Late last month—30 years after the "WANK worm" struck NASA—the agency released an internal report that the agency wrote at the time, thanks to a journalist and a security researcher who have embarked on a project to use the Freedom of Information Act to get documents on historical hacking incidents.

The project is called “Hacking History,” and the people behind it are freelance journalists Emma Best, and security researcher (and former NSA hacker) Emily Crose. The two are crowdfunding to raise money to cover the costs of the FOIA requests via the document requesting platform MuckRock.

In the last few years, hackers and the cybersecurity industry have gone mainstream, earning headlines in major newspapers, becoming key plotlines in Hollywood movies, and even getting a hit TV show. But it hasn't always been this way. For decades, infosec and hacking was a niche industry that got very little news coverage and very little public attention.

Have a tip about hacking history? You can contact this reporter securely on Signal at +1 917 257 1382, OTR chat at lorenzofb@jabber.ccc.de, or email lorenzo@motherboard.tv

As a result, the ancient and not so ancient history of hacking has a lot of holes. Now, the two women are trying to fill in those gaps in hacker history, like missing pieces of a puzzle, sending FOIA requests to several US government agencies, including the FBI.

“Before the era of Anonymous, most news stories about hacking were panics of one sort or another,” Best told Motherboard in an online chat.

Best and Crose have already filed around 50 FOIA requests related to well-known groups that have made hacking history, such as the Legion of Doom, the Cult of the Dead Cow, the infamous Anonymous offshoot LulzSec, and GoatSec.

“The files will capture a mix of the history of hackers and the FBI's investigation of/interest in them,” Best said.

“That's the primary source materials for infosec history.”

The two have raised more than $2,300 already to help pay for fees associated with filing the FOIA requests, and plan to collaborate with Property of the People, a nonprofit that pushes for government transparency through FOIA requests and litigation. Best and Crose said they really don’t have an endgame in mind yet, but Crose mentioned they might publish the most interesting documents—and their accompanying stories—in a hard copy zine.

“[It’s] more subversive that way,” Crose said, explaining why she wants to do a printed zine rather than an online one. “An homage to the past.”

Either way, the goal is to gather, publish, and thus preserve historical documents that may otherwise get lost.

“That's a major thing we want to accomplish, I think: get these things before the government destroys the records,” Best said. “That's the primary source materials for infosec history.”

So far, Best and Crose have found that the FBI has 46,250 pages on Legion of Doom, an influential 1980s hacking collective; 7,500 pages on LulzSec, a group that dominated headlines in the summer of 2011 when they hacked several high profile targets; and more than 15,000 pages on GoatSec, a trolling and hacking group that featured the infamous far-right hacker Andrew “Weev” Auernheimer.

In the meantime, they already uncovered a couple of gems, such as the FOIA response from NASA on the WANK worm.

Best and Crose don’t expect to uncover any details that will radically change the way we understand hacking history, but they believe they man find new details and missing pieces that would otherwise get lost in time.

Listen to CYBER, Motherboard’s new weekly podcast about hacking and cybersecurity.