AT THREE IN THE MORNING last October 19, a Vietnamese gang burst into the headquarters of the Surface Mount Taping Corporation, a small computer-components company in South Austin. Armed with a .45-caliber pistol and a semiautomatic handgun, the gang of four men and one woman tied up the night-shift employees with professional dispatch and searched the building for valuable memory chips. When they couldn’t find what they were after, they grabbed some inexpensive cellular-phone parts and vanished without a trace.
The scene seemed straight out of The Net or some other postmodern Hollywood thriller and so, oddly enough, did the response by the Austin Police Department. Along with two officers from the APD’s robbery unit came two officers from the department’s new high-tech crime unit—one of only two such units in the country (the other is in San Jose, California). For years security officers at Austin’s high-tech firms had been pushing for the creation of such a unit, fearing that the city’s emergence as a techie mecca would lead to an increase in computer-related crimes. Only two years ago did city and law enforcement officials finally give the go-ahead for such a unit, however, and only eleven months ago did the unit get formally inaugurated—just in time, judging by the Surface Mount caper.
“The memory chip is the dope of the nineties,” says Bob Watson, the security chief of XeTel, an Austin-based manufacturer of made-to-order computer components. It’s a good analogy because the tiny microprocessors are worth more than their weight in gold or crack cocaine and can easily be shipped out of state or out of the country before police officers file their burglary reports. As Watson notes, high-tech firms in California have been plagued in recent years by a rash of armed robberies and even truck hijackings. Within the past year and a half, crime in Silicon Valley has increased fivefold, and that could augur a dark side to Austin’s technological boom. “It’s almost eerie how everything here has developed parallel to there,” Watson says—and in fact, although the Surface Mount case has yet to be solved, police investigators theorize that the gang has West Coast ties.
Watson knows a thing or two about high-tech crime. His firm has been held up twice in the past two years, and once his employees were tied up in a storeroom so the thieves could make their getaway. And it was Watson who, in 1994, convened a meeting of other security chiefs to discuss the problem. “We were concerned that Austin was getting a reputation for being an easy target,” he recalls. Right away, he and his colleagues realized that almost every company represented at the meeting had a criminal investigation in the works. After talking for a while, they hit on a solution: a new kind of cop whose beat would be cyberspace. “If you see police officers as doughnut-eating head-thumpers or Starsky and Hutch throwing guys against the wall,” Watson says, “that won’t be the stereotype for the high-tech policeman. He’s more likely a nerdy-looking guy in a gray vested suit. Instead of a hogleg from the Dirty Harry days, he’ll carry a laptop computer.”
Actually, once the APD agreed to create such a high-tech unit, its early recruits to be chief investigators weren’t what you’d call nerdy. Paul Brick, who is 39, came from the APD’s major-crimes division; he has the rapid-fire speech and wiry intensity of a streetwise narcotics cop. Randy Bradley, who is 32, had been a patrolman in Abilene. He has a broad, open face, a stocky build, and a careful but direct way of speaking—the classic good cop in a good-cop-bad-cop scenario. As it happened, he had spent five years learning about computers largely on his own time and initiative, and he had attended classes and training sessions around the country, including a program on basic investigation of computer crimes sponsored by the United States Department of Justice.
Unfortunately, even with Brick and Bradley set to begin, there were problems with the kind of unit Watson and his colleagues had envisioned. The high-tech crime unit in San Jose, for example, was funded by the city’s police department. But given the APD’s tight budget, an Austin unit would not be feasible without direct sponsorship by local high-tech firms. And yet Austin city statutes prohibit individuals and corporations from donating cash directly to any specific government activity—so even if local firms could come up with the money for such a department and donated it to the City of Austin, there would be no guarantee that it would actually be used for that purpose; the money would simply go into a general fund. Such direct sponsorship also presented a public relations problem. From inside and outside the department, there was grumbling that citizens would see high-tech companies as receiving special treatment—as having, in effect, their own police force—at a time when things like drug use and juvenile crime are more pressing issues than chip theft.
To resolve those problems, the companies backing the high-tech unit christened the project the Austin Metro High Tech Foundation and channeled money through the nonprofit Austin Community Foundation, which would make donations of equipment as well as money to be used for overtime pay. The arrangement was similar to the one that brought the DARE (Drug Awareness Recognition Education) project into the state’s public schools.
Yet there were other obstacles to overcome. One had to do with the secretive nature of high-tech companies. Competitors in the cutting-edge world of technology tend to be image-conscious; they can get a reputation for negligence or sloppiness if their security measures fail, putting the value of their stock in jeopardy. Then there was the issue of the APD’s credibility. The department has hardly been a national or even a state leader in high-tech equipment. As of last summer, according to the Austin American-Statesman, the APD’s basic technology, including the computer terminals in its squad cars, was found by the city to be inadequate and in dire need of overhaul. As a local hacker who now works in computer security says, “The department has to be high-tech in more than name only. If you call yourself a doctor, you had better be prepared to operate.”
Indeed, previous forays by the APD into electronic crime had been less than sparkling successes. Five years ago, for instance, Austin police officers went along on a federally directed anti-hacker raid that was a fiasco and, later, the subject of a book, The Hacker Crackdown, by cyberpunk writer Bruce Sterling. As part of a national effort to combat hacking, FBI and Secret Service agents raided the Austin headquarters of Steve Jackson Games, mistaking it for a hotbed of computer crime. Steve Jackson, aided by the newly formed Electronic Frontier Foundation, sued the feds and was awarded more than $300,000. “There’s no question that that case was a deterrent for a lot of officers,” Bradley says.
But even without that discouraging precedent, the new unit had a lot to prove—not just to the high-tech firms that were sponsoring it but to the public as well. And within days of the meeting of Watson and his fellow security officers in 1994, a case began shaping up that would test the new high-tech unit’s capabilities. It involved not only daring physical thefts but hacking that went far beyond the usual bounds of electronic intrusion.
During the first week of February that year, the systems operator for the main computer at Texas Racing Commission headquarters noticed some suspicious intrusions into its system. After the APD was notified, the complaint was forwarded to Bradley and Brick, who traced the phone line used for the break-in to an apartment rented to 21-year-old Chris Lamprecht, a.k.a. Minor Threat, a member of the computer underground who was working as a programmer at a small high-tech company. Lamprecht had been in trouble with the law before: In 1991 he and two friends had been caught breaking into a building on the edge of town. Lamprecht’s attorney, Jim Sawyer, says that he got his client off by adopting the strategy of most lawyers who represent hacker types. He went in front of a judge, pointed to his nerdy client, and said, “It was Pee-wee’s big night out.”
But just a year later, on July 9, 1992, Lamprecht was arrested again, this time for trying to sell stolen memory chips. His accomplice, who gave his name as “Scott Berry,” turned out to be a fugitive named Jason Copson, the leader of a Virginia gang of hackers called Dark Side Research (DSR) that messed with PBX boards, the telephone exchange switching devices that route calls from station to station. Three months before, Copson had hidden out in Lamprecht’s apartment in North Austin, and the two began to hatch plans for an even more devious Texas wing of DSR—one that would target the larger switching boards used by Southwestern Bell. Until their arrest, Copson and Lamprecht had been hacking into Bell’s main computer and hitting the switching boards of nearly every one of its central offices.
When the police uncovered Copson’s true identity through his fingerprints, he was charged for his offenses in Texas; first, however, he was extradited back to Virginia to serve time for crimes committed there. Lamprecht also pleaded guilty, was sentenced to a year, and wound up serving five months in the Del Valle Correctional Institute. After getting out of jail, Lamprecht seemed to turn his life around. He was doing so well at his new job that he was allowed to install equipment at banks.
Then came the hacking incident at the Racing Commission. When officers arrived at Lamprecht’s apartment to search for evidence, they discovered that all the computer equipment had been removed. Days before, as Bradley learned later, Lamprecht and his roommate, a hacker named David Querin, a.k.a. Mental Conflict, had managed to download the log of ongoing investigations from the Racing Commission files, which included their own case and mentioned the planned raid on their apartment. Still, while the search was going on, Querin pulled up in his jeep, which was loaded with computer equipment. Although he fled the premises on foot—and remains on the lam—the officers got a warrant to search the vehicle and later removed three computers and some stolen telephone equipment.
Initially stymied by the password on Querin’s computer, Bradley asked for help from the manufacturer, and after logging on he was able to use his basic technical training to copy the necessary files and gather evidence of hacking. But hacking was small potatoes compared with what else he found in the apartment: recent bank receipts from an account under the name of Scott Berry and a handwritten note that suggested a teenage fantasy as much as a master plan for a crime. It concluded: “After 30 days (when all money is transferred), Fly to distant person, party, get cash, party, come home. Buy safe. Shop for & buy 300 ZX.”
At first, Bradley and Brick were puzzled. The receipts were recent—yet Scott Berry was the alias used by Jason Copson, who had been behind bars since July 1992. They learned, however, that Copson was something of a sleight-of-hand artist in prison. To prevent his phone calls from being monitored, he had stolen a phone from a chaplain’s office and had broken it down into basic components that could be carried in his pocket. And in addition to his secret calls, Copson continued to make calls over the regular prison telephone, talking to Lamprecht in code.
Bradley and Brick subpoenaed the prison’s tapes of those calls and decoded them. Then they contacted veteran Internal Revenue Service investigator George Madding, who traced the bank activities of Lamprecht and his associates and uncovered suspicious deposits to various accounts linked to Lamprecht. Between information gleaned from the phone calls and Madding’s detective work, Bradley and Brick figured out that Lamprecht—with Copson’s advice—had been selling stolen circuit boards and covering his tracks by using multiple bank accounts. They eventually determined that Lamprecht had stolen nearly $1 million worth of phone equipment.
In November 1994 Lamprecht was charged with money laundering. Lamprecht’s attorney, Jim Sawyer, recommended a plea-bargain to his client with the understanding that he would cooperate in the case against Copson, and in January Lamprecht turned himself in and agreed to debrief Bradley and Brick about his activities. Yet perhaps because of the hacker code of silence, he never actually told them anything useful, and his plea-bargain was revoked. Four months later Lamprecht was sentenced to seventy months in federal prison. As part of his parole, the judge ruled that he could not own a computer with a modem or work in a job that involved installing or troubleshooting computer systems.
Following the sentencing, officers in the new high-tech crime unit joined the prosecuting attorney and IRS agents at a press conference. A table was piled high with ten-inch- by fourteen-inch circuit boards, a portion of the booty seized from Lamprecht and his cohorts. One of the boards, as Bradley pointed out, had been stolen by Lamprecht twice. He had stolen it once with Copson, and then, after the board had been returned to Southwestern Bell, he had stolen it again.
For Bradley and Brick, as well as for high-tech security agents around the country, those circuit boards represent a new kind of contraband. The officers have their work cut out for them, and as the Surface Mount case demonstrates, it’s going to take more than luck, persistence, and old-fashioned police work. “It’s still a new area for us,” says Bradley, “and the criminals have a long head start.” Or as lawyer Sawyer puts it, “Pee-wee’s big night out has gotten ominous.”