08.08.2025
13 min
928
Part 10 of the series “In Memory of Kevin Mitnick” immerses us in the dramatic confrontation between the legendary hacker and his new enemy – Tsutomu Shimomura. After a series of daring hacks, Mitnick finds himself in the spotlight of a cybersecurity master who perceives this as a personal insult. Shimomura, known for his Japanese origin and impeccable reputation, begins a real “cyber hunt”. The material includes details of the first attacks, the history of their conflict and the atmosphere of tension, when every move on the network can be fatal.
Foggy Seattle, which was supposed to be a quiet haven for Mitnik, turned out to be a dangerous trap for him. He was followed on radio frequencies and from a helicopter, he miraculously avoided arrest – only because the local cops did not immediately understand who they were dealing with, and were too lazy to teach a self-taught student a lesson. However, almost all of Kevin’s belongings ended up in the police, and he himself, literally with only what he had with him, was forced to flee from Washington State to his native and familiar, but full of traps, southern California. However, the fox of the world wide web managed to dodge the trap that was ready to close – and intended not to let himself be caught by either the regular police or FBI agents. And it didn’t matter, Kevin was not used to hiding, but soon Mitnik would have a personal enemy. In the best traditions of 90s cyberpunk, they will be a Japanese man named Tsutomu Shimomura, a cybersamurai obsessed with catching an elusive hacker for reasons of personal revenge.
According to his statements, Mitnik first encountered Tsutomu Shimomura in September 1993, when he was trying to obtain the source code for the SunOS operating system from Sun Microsystems. In the process of searching for it, Kevin hacked into a host at the University of California, San Diego, where Shimomura was already working, gained admin rights, built in a network traffic analyzer, and literally sat on Shimomura’s servers for several days — until he discovered the intrusion and blocked access. Tsutomu took this embarrassment as a personal insult and tried for some time to figure out who had hacked the university servers, but then without success.
The second time, according to Kevin, their correspondence meeting took place while Kevin was living in Seattle. Once, Mytnik decided to slightly surround the hacker Mark Lottor, who was already under investigation, from whom he hoped to borrow the source codes and methods for taking control of the OKI 900 and OKI 1150 cell phones. discovered: the hacker did not have the source code, he recreated it using reverse engineering. And he was helped in this by the hacker, who was literally waiting for the trial for complicity in the activities of the famous hacker Kevin Poulsen, not even hiding much, the famous cybersecurity expert Tsutomu Shimomura. Mytnik was very interested in this, and he thought about how to hack Shimomura’s server and how to dig there in search of something interesting – but at that moment the cops covered his lair, and Kevin had to urgently flee the state.
The designated Tsutomu Shimomura (more often spelled Shimomura, but I am a fan of the Polyvanian, not Hepburnian transcription of Japanese whistle-hissing sounds) from the San Diego Supercomputer Center is a man in many ways no less remarkable than Mitnik himself. He was the grandson of an officer in the Imperial Japanese Army who served in Manchuria during World War II, and the son of Osamu Shimomura, a famous biochemist who survived the nuclear attack on Nagasaki and won the 2008 Nobel Prize for the discovery and development of the use of green. Tsutomu was born in 1964 in Nagoya, and at a young age emigrated with his family to Princeton, New Jersey. Unlike his father, who was passionate about the biochemistry of marine organisms, he followed a technical path. Having overcome his violent and conflicted character, which caused him many problems with studies and discipline in his teens, Tsutomu graduated from the California Institute of Technology, worked at Los Alamos, and in 1989 moved to San Diego and took up issues of supercomputer calculations.
Soon after, he became one of the top experts and consultants for the US National Security Agency on combating hackers and cybercrime. If Mytnik was a prominent character of American cyberpunk, hiding from the system as a rebel hacker, then Tsutomu Shimomura was no less typical example of a Japanese cyberpunk hero. He worked with conviction for the state, and even seeing the many imperfections of the system, he preferred to act together with it and from within it. At the same time, in the spirit of the same Japanese cyberpunk, philosophically regarding compliance with formal rules and even criminal legislation – when he did not see the expediency in this and had, so to speak, understanding from the “comrade major”:
He took out an AT&T mobile phone, unpacked it, disassembled it and began to listen to telephone conversations via Capitol Hill – while an FBI agent stood behind him and listened to all this (from the memoirs of Bruce Sterling)
In his memoirs about the hunt for the Customs Officer, Shimomura frankly emphasized that he swore at FBI agents about their excessive, in his opinion, attention to compliance with procedures, laws and regulations: “a hacker should be in prison, and it doesn’t matter how we put him there.”
Tsutomu compensated for his loyalty and systematicity in terms of views and life strategy with an external style that was not even that of a geek, but of a complete punk. At numerous hearings in the US Congress on the security of computer networks and mobile communications, he usually ignored the strict formal dress code and appeared in a T-shirt, sandals, and worn-out jeans. Simply because he wanted to and could afford it as an indispensable expert. And in general, it was not only Mytnik who characterized Tsutomu as a person who was difficult to communicate with, “poisonous” with a samurai-like, painfully heightened sense of self-esteem. In general, Shimomura started hunting for Mytnik precisely because of a feeling of acute resentment and a desire to take revenge at any cost. Now let’s return to our fugitive and figure out how exactly he crushed the vulnerable cybersamurai’s sore callus.
So the Greyhound bus from Seattle went to Tacoma, Portland, and almost the entire Pacific coast of the United States—and finally dropped Kevin off at the Los Angeles train station. He checked into a cheap motel, which he had to share with hordes of cockroaches. Still in a state of gloomy surprise, severe stress, and incomplete adequacy, he left the few things he had left with him, wandered around the city, and reached the Metro Plaza Hotel—the same one he had stared at for weeks on end from the narrow window of his solitary confinement cell in the federal center a few years earlier. For the first time, Kevin wondered if it wouldn’t be better to turn himself in: there was too much indisputable evidence of his hacking activities on the media seized by the police, and they would soon start looking for him with triple force – including taking into account John Markoff’s scandalous article in the NYT, which ridiculed hiding. He was terribly tired and completely exhausted, especially after what he had experienced in Seattle. If he turned himself in, he thought, maybe the court would treat him more favorably?
Using his cell phone tricks, Kevin managed to meet with his father and ex-wife Bonnie. Both were very upset and worried about his life situation, his pale appearance in every sense, and his mental state – but they did not know how to help, and he himself did not really understand what to ask for so as not to harm the few loved ones who remained. Then Mitnik went to Vegas, where for a while he lay low with the help of his faithful mother and grandmother. Thanks to their care and temporary relative safety, he was able to breathe a little, gather his brains in a heap and build a preliminary plan for further actions. He did not want to give up anymore. But he wanted a new formal identity for himself, and not from the already inflamed in the eyes of South Dakota law enforcement. He began to acquire documents in the name of a certain Michael David Stanfill, a graduate of the University of Portland in Oregon, using the usual methods: he fabricated a certified birth certificate, a fake W-2 form (data on wages and taxes paid), and a car license, as was customary in practice. However, there was a near miss with the license: Kevin went to get a “duplicate” in the town of Pahrump, so as not to run into someone who had seen him get a license in the name of Eric Weiss in the same Vegas two years earlier. And he managed to get to the very employee who was serving him at the time – he had moved to Pahrump.
The customs officer was saved from a dangerous embarrassment only thanks to his quick wit and social skills: he was the first to feign recognition and asked if he went to the same local supermarket. The employee was led to a false version of acquaintance, and the potential incident was over. Having received the documents, Kevin did not linger in Nevada and decided to move further east of the country: to a place where he would be less likely to be searched for than in the west, where he had already inherited a lot. Along the way, having successfully seized the skis and ski equipment left behind by his mother in Vegas, he spent some time in November 1994 at one of the small resorts in the Rocky Mountains near Denver that he had grown fond of. He exhaled even more, relaxed, calmed down… and decided to return to the idea of hacking the famous cybersecurity expert Tsutomu Shimomura.
Mytnik told his good friend on IRC, an Israeli hacker with the nickname JSZ, about how he had encountered Shimomura twice. The Israeli specialized in hacking corporate networks in search of operating system source codes and all sorts of useful utilities, and skillfully left well-disguised backdoors after the hack – in case he wanted to come back and break again when he was too lazy. Mytnik also loved, knew how to and practiced this kind of thing, and they enthusiastically talked about their adventures – that’s why he shared the stories about Tsutoma with JSZ. In turn, he shared a secret: he and his colleagues from a dangerous business managed to write a utility for hacking systems using IP spoofing, which almost no one had protection against at the time. He shared the code with Kevin. And then, in honor of Hanukkah, at the turn of November and December 1994, he suddenly told Mytnik that he had already cracked Shimomura for him. And he gave his friend free access to any data on his servers at the University of San Diego.
Mytnik was delighted with the gift – and he wanted not just to copy the files to Tsutomo, but to demonstratively slap the nose of the “famous cybersecurity expert” who helped the NSA and the FBI catch hackers and prevent them from hacking everything and everyone. This desire, according to Mytnik, was reinforced by Tsutomo’s reputation in computer science circles as an arrogant and overconfident person. He rushed to the hotel room, immediately got on the servers in San Diego, and the JSZ company took out literally everything that was in Shimumura’s folders. Extracted in the volume of the known 140 MB (recall, 1994) they uploaded several copies to servers in different countries – including, also in the order of hooliganism, one of the copies Mytnik saved in the Whole Earth ‘Lectronic Link’ system under a hacked account of an article in the NYT (and later became Tsutomu’s co-author in the literary description of the hunt for Mytnik). Then they left the system, and JSZ carefully covered up the traces of the hack.
Studying Shimomura’s correspondence – her two hackers also took out everything they could find – Mytnik was not without surprise to discover that Tsutomu had been actively communicating with Markoff since at least 1991, and moreover, they were already discussing him, the dangerous data hacker Kevin Mytnik, and how to shut him up. Kevin delved into Shimomura’s data for hours and days, discovering, he said, a lot of interesting things—including, say, the code for eavesdropping programs written for the US Air Force’s security services. Well, Tsutomu himself soon discovered that someone had broken into him. The customs officer and JSZ successfully cracked it using a new approach that cybersecurity experts were just beginning to discuss—but they didn’t notice a whole series of well-hidden utilities that recorded everything that happened on Shimomura’s servers and regularly sent him full logs. To say that Tsutomu was shocked by such a brazen raid would be to greatly underestimate his reaction. Now he wanted the head of the hacker who had done it. Or at least to see him end up behind bars, and he was ready to do anything to help in any way possible. He spoke with NSA handlers, contacted the FBI, and offered to cooperate. After collating all the available evidence, the task force that was formed concluded that the most likely culprit was Kevin Mitnick, who was on the run and had already made headlines in Seattle. For Tsutomu, Kevin, whom he had previously despised as an “irresponsible fraudster and data thief,” became a personal enemy.
Meanwhile, Kevin really wanted to stay in Denver longer – but he considered it too dangerous (at the same time, it was normal for him to break Shimomura). He had to decide where to go now. It definitely had to be somewhere east of Denver and away from the West Coast, where he had inherited too much, but what exactly? Among the options were Austin, Texas, where computer companies were actively developing, or Manhattan, New York – “just because Manhattan, damn it!”. However, the final choice turned out to be quite unexpected, especially for a Californian geek-hacker: Raleigh, the capital of the state of North Carolina. Northern – but already a typical South of the USA in many ways. Conservatism, religiosity, honoring the memory of the slave-owning Confederacy, emphasized traditionalism and provincialism in the good and bad senses of the word. However, Raleigh was already entering the Research Triangle Park area, where there was a noticeable demand for IT professionals – and Mytnik hoped that there would be no special problems with finding a job in his profile. Kevin boarded the train to enjoy the leisurely trip across half the country and the views from the window, and soon he was enjoying “southern hospitality” – not in the sense of the thriller of the same name and memes about the poor, he really liked the southerners for their sociability and openness, their willingness to help each other.
He settled in a mobile home in a picturesque suburb with lakes, and in parallel with his job search… he began hacking into Motorola servers. He had already done this in Seattle before, and managed to obtain the source codes of operating systems — but to frequently and successfully flash phones for himself to bypass possible surveillance, he still needed compilers. He had already mastered the IP spoofing method thanks to JSZ, and hacked into the system that was developing the Intermetrics compiler, but he did not find a single compiler there. Surprised, he already used social engineering methods and contacted one of the employees responsible for them under the guise of a top management representative, requesting the compiler files “for presentation to management”. The employee first asked Mytnik a whole bunch of control questions — which he was able to answer thanks to his advance study of the company’s structure. And then he revealed the secret that the files had been temporarily moved from the servers to off-network media at the FBI’s request. Because, according to the Cybercrime Control Department, some extremely dangerous hacker was supposed to be behind them, who “has already hacked not only Motorola and extracted the source code of the OS, but the CIA to a perfect level of access, and he doesn’t even mention the FBI.” However, the employee turned out to be so kind and so concerned about the need to “urgently show the fresh edits to the authorities” that he personally handed over the hidden compilers to Mitnik via FTP.
However, very soon Mytnik realized that the strange behavior of the company employee and the FBI was only the first bell. And before, he had not had tsores (trouble), but a solid marzipan, as they said in old Odessa. Now they were taking him seriously. Already during the conversation with the employee, he was alarmed by the fact that only a very intelligent specialist, not an ordinary FBI agent, even from the newly created anti-hacker department, could understand compilers. In the morning, the landline phone in the rented house turned out to be blocked – and it turned out that the number was blocked because the telephone company had reason to believe that the tenant was not Michael Stanfill from Portland. Having recovered and trying to prove that this was a mistake, Kevin realized that it was time to urgently evict him from the newly rented apartment. And urgently, once again, to change my name and documents, and now in a completely unfamiliar city and state.
The customs officer decided to initially portray a certain Glenn Thomas Case, also a graduate of the University of Portland, from whom he had previously managed to extract a database of graduates. After thinking about it, he decided to slightly change it to John Thomas Case, in order to confuse the hunters in the event of a possible reconciliation of names with databases. The experience of “Ostapobender” did not fail this time either: literally a few days later he had already found an official copy of the “lost” birth certificate, and then a car license in a new name – fortunately, customs in the South were more old-fashioned than in California or Nevada, and there was no suspect in everyone. bad tone. Kevin rented a cheaper apartment, and was soon frustrated by another piece of news: his colleague in hobbies and namesake Kevin Poulsen was placed in the same temporary detention center in Los Angeles as he had been a few years earlier. The customs officer was so triggered by this news that he considered himself literally obliged to put the system in an interesting position and, bypassing all security measures, call the inmate with words of support. He brought all his knowledge of social engineering and experience in prison to bear – and managed to establish telephone (!) contact with Poulsen under the guise of a lawyer who was handling his case. Since then, the two hackers, who had not previously met in person, have become friends.
Well, in late January 1995, Kevin received a metaphorical gauntlet from Tsutomu Shimomura, a formal declaration of war. In the same New York Times, he discovered an article by John Markoff, where he told how some malicious hacker had stolen the data of the famous cybersecurity expert Shimomura and placed it on a server under Markoff’s account. Despite the irony of the situation and its even obscenity for Tsutomu, the scale of the hack was not hidden.
Mr. Shimomura is one of the most serious computer security experts in the country. He was the one who advised the government’s computer technology agency to issue a chilling warning on Monday. The agency said that unknown hackers, using sophisticated intrusion techniques, stole files from Mr. Shimomura’s well-guarded computer, right from his home near San Diego. Imagine thieves who decided to show off how vulgar they were and broke into a locksmith’s shop. In this case, the owner of the shop and the keeper of all the keys turned out to be Tsutomu Shimomura, who took the break-in as a personal affront. That’s why he now has a sense of honor in solving the crime.
Immediately following this publication, a press release from the US Department of Justice was published and widely covered in the media, officially announcing the start of a major manhunt for Mytnyk:
Washington, D.C., U.S., January 26, 1995. The U.S. Marshals Service is hunting a computer hacker who is on the run after being convicted in one case and indicted in another. Authorities say they are trying to track down Kevin Mitnick, 31, who was born in Sepulveda, California. Deputy U.S. Marshal Kathleen Cunningham told Newsbytes that the U.S. Marshals Service has had a warrant for Mitnick’s arrest since November 1992 for violating parole regulations. The hacker also nearly made an arrest in Seattle last October. Mitnick is an avid ham radio operator, Cunningham said. He is believed to be using a special scanner to monitor political conversations in the area where he is hiding. “The local police did not apply radio security measures, so as soon as Mytnik’s address was mentioned on the air, the criminal left his home. However, he did not have time to take anything. It is believed that Mytnik has outstanding skills in the field of taking control of computers, as well as in using telecommunications systems. Mytnik knows how to make fake ID cards, and he also uses a computer.
The evening finally stopped being difficult. But Mytnyk was not going to give up.
