In Memory of Kevin Mitnick. Part 11 – The Conflict That Went Beyond the Code

15.08.2025 16 minutes Author: Lady Liberty

In memory of Kevin Mitnick, the legendary hacker who made history as a master of social engineering and daring hacks. Part 11 tells the story of the moment when his escape turned into a personal confrontation. After another series of cunning maneuvers, Mitnick attacks renowned cybersecurity expert Tsutomu Shimomura, who sees it as a challenge of honor. This move sets off a manhunt that has become a symbol of the era of struggle between hackers and their pursuers. Find out how one careless act changed the course of history and brought the inevitable end of the most famous cybercriminal of his time closer.

A hunt that became personal

So, having once again eluded the FBI and only by a miracle avoided arrest in Seattle, Kevin managed to slip into his native California, change his identity once more, and travel through Vegas to Denver and the ski resorts of the Rocky Mountains. This time, Colorado was to be just a transit point on the way to the southern states on the East Coast, where Mitnick was going to start a new life. As always, our hero could not resist another hack – and in the company of an Israeli hacker with the nickname JSZ, using the latest and little-known method, he managed to get access to the well-protected data of the famous cybersecurity specialist Tsutomu Shimomura. This turned out to be a mistake: an ambitious Japanese man connected with American intelligence agencies, the son of a Nobel laureate, took the hack as a personal affront and declared a vendetta against Kevin. As soon as he reached North Carolina, Mitnick found the ring of pursuit around him rapidly tightening, and the feds, who had previously watched his escape, took him seriously.

Tsutomu Shimomura as himself

Actually, this part was originally supposed to describe the climax of the plot. However, your humble servant has come across Shimomura and Markoff’s book about the hunt for Kevin Mitnick (Takedown, 1995), which lets us approach the denouement of our story from the side of the “hunters” as well. This is quite rare evidence, which is not so easy to find now, not only in Russian, but also in English. It is worth clarifying that Mitnick and Shimomura could not stand each other, both were not very objective in assessing the actions of their opponent, and many points and statements from Tsutomu’s book were questioned and criticized not only by Kevin and the journalist Jonathan Littman, who clearly sympathized with him (Jonathan Littman, 1996), but also by other people and organizations.

The confrontation between the “cybersecurity knight” Shimomura and the “evil hacker” Mitnick according to Shimomura; according to Kevin, in the person of Tsutomu he faced an unscrupulous and offensive weirdo with the letter M

Shimomura believed – and, given Mitnick’s own memoirs, rightly so – that he had become the target of a hacker attack precisely because he was a well-known cybersecurity specialist. However, with the paranoia of a professional “security officer”, he suspected that the hacking and theft of his files was not just a joke or a demonstration of malice, but the possible efforts of some criminal community of hackers to exploit his latest developments in hacking and protection against hacking in order to organize unbridled theft of data and money from accounts. Tsutomu was also infuriated by Mitnick’s hacking of his files because at that very time he had finally met up with his girlfriend Julia, who had returned from a highly spiritual trip to the Himalayan monasteries. They were relaxing in the Toad Hall mansion in the hilly part of San Francisco, which at that time served as a kind of commune for several computer scientists who earned well, spent time in the jacuzzi and just chilled – so Tsutomu almost did not go online at that time, which gave Mitnick and JSZ time for a thorough look. However, if you believe Shimomura’s memoirs, the couple not only cooed enthusiastically, but also discussed the deepening of Tsutomu’s cooperation with the US NSA, which never happened at that time – a fact about which Shimomura very emotionally hisses and spits venom.

Shimomura does not hide in his memoirs that by that time he had already provided the National Security Agency, the main US intelligence agency engaged in electronic intelligence and counterintelligence of all kinds, with various delicate services in the field of computer networks, their security and overcoming them when necessary. And he even managed to burn out a bit on this basis, in parallel with his main work at the Supercomputer Computing Center in San Diego. However, in the early fall of 1994, he tried to negotiate with the NSA to provide him with a grant of $500,000 to create a working group and conduct research in the field of cybersecurity for the benefit of the NSA. Here, however, the “guys from Fort Meade” began to stall Tsutomu, week after week without giving a clear answer. As a result, at the beginning of winter, the computer scientists he had previously selected for the project gave up and went elsewhere. Shimomura was very angry with the NSA for the failed project and the unreceived grant. While most hackers considered them literally servants of Satan and the embodiment of Big Brother overseeing the network (let’s be honest, not without reason), Tsutomu saw them as “a large and incompetent organization bound by countless rules that bring neither good nor evil to order,” and its employees as a bureaucracy.

NSA headquarters at Fort Meade, built in the 1980s

The morning after the hack — the girl went to clear her head, but Shimomura never logged on, he was just too lazy — Tsutomu drove south from Frisco to Silicon Valley to talk to Pane-Almi. On the way, he was stopped by a call from his colleague and friend Andrew, who was looking after the computers in his absence: he reported that Shimomura had clearly been hacked. The telltale sign was an unexpected decrease in the size of the activity log file, “wiped” by the hackers, which was automatically monitored by a special utility. Tsutomu experienced a range of emotions appropriate to the situation, metaphorically turned off the chair, threw away the brick he had put aside, and rushed to figure out the situation — instructing Andrew to disconnect the computers from the network and not touch anything so as not to erase possible evidence and traces. Twenty minutes later he was in Menlo Park, near his friend Mark Lottor’s townhouse, across the street from the SRI International office, where ARPANet technology had been developed. Yes, the same Mark Lottor who was under investigation for hacking, and the same Mark Lottor from whom Kevin had obtained the source codes for the OKI 900 and OKI 1150 cell phones in October 1994, just before his rental was raided. And it was then, having figured out the files and who wrote them while reverse-engineering the source codes, that Mitnick became interested in Shimomura and decided to get something from him too.

John Markoff’s WSJ article about how the elusive Mitnick, who went underground, mocks the FBI, June 1994

So, Shimomura got into his own systems from Mark’s house through an outdated modem he happened to find, and set about figuring out what had happened. Feeling like a detective at the scene of the crime, he became convinced that there had been a hack – and that the hackers had tried to cover their tracks. In parallel, Andrew was also digging through the files – and, to Tsutomu’s indignation, by opening the files he erased the data about when the hackers had last opened them. Having explained to his colleague the crookedness … incomplete correctness of his actions in the current situation, Shimomura found out that the files had not only been accessed, but also copied somewhere. It was also possible to find out that the hack, at least in part, was carried out through the Colorado SuperNet provider, located in the state of Colorado – where, as we already know, Kevin was catching his breath in his beloved Denver on the transcontinental route from California to the American South. Tsutomu also found “traces of traces” of a file named oki.tar.Z, which was clearly related to the hacking and copying of his data: everything that had to do with the software of OKI mobile phones – with which both Tsutomu and Mark worked – had been collected using the Unix program tar and additionally compressed. Believing that he had learned everything he could remotely, Tsutomu instructed Andrew to completely disconnect the computers from the network and wait for his arrival at the site in San Diego.

The OKI 1150 mobile phone, which caused the conflict between Mitnick and Shimomura

That same night, Tsutomu demonstrated that, for all his loyalty and willingness to help the system fight violators, he had since his school days been sincerely ready to ignore the rules when they got in his way (at school, in particular, he had actively helped the local trolls and hooligans with pranks on the level of “burning toilets in the school stadium”). For a detailed analysis of his data, he needed utilities that were on floppy disks in the Sun Microsystems office. Not only was it late in the evening, but the company was also closed for the Christmas holidays. Taking Mark with him, Tsutomu rushed to his acquaintance, an employee of the company, Lyle Elam, and from her, disguised as technical workers, to the office, which they safely and not very legally entered using Lyle’s electronic pass. They encountered a security guard on the way, but he recognized Lyle and Tsutomu, who had consulted for the company on several occasions and worked in its office. However, the security guard would not have been as understanding if he had seen them sneaking back around the cameras with a whole bunch of bags full of floppy disks.

Then Shimomura jumped on the first plane to San Diego. Now he was even angrier at the hackers: he had to interrupt his well-earned vacation and give up a long-awaited ski trip with Julia at Lake Tahoe. Technically, the data would still be there when he returned on schedule – but what kind of vacation would that be psychologically? Besides, Tsutomu still didn’t know how much and what the hackers had managed to download, and he was afraid that if something particularly interesting to the hackers had leaked, he would have to take urgent action, including through the “sad bureaucrats” at the NSA. Soon he was running to his office at the University of California’s Supercomputing Research Center, where his machines were located, somewhat pretentiously named on the Internet in honor of the fallen angels from Milton’s Paradise Lost: Ariel, Osiris, Astarte, and so on. What worried Tsutomu the most was the traces of the oki.tar.Z archive, since the downloaded files on OKI phones indicated that Shimomura and Lottor themselves had not been entirely legal in reverse engineering the phones’ software code – at first they tried to get it officially, but they were refused, and others stepped in. Even more touching was that Tsutomu and Mark were doing it not only for themselves, but also, as Shimomura himself evasively writes, as a “field diagnostic tool for mobile companies and government regulatory agencies.” Simply put, with its help, the NSA could do all sorts of interesting and not entirely legal things with these phones without notifying users and law enforcement agencies.

A parody emblem of the US NSA — which, as numerous scandals show, really likes to “just in case” and not very legally record the correspondence and negotiations of both its own citizens and people outside the US.

Moreover, at a congressional hearing in 1992, Tsutomu — having prudently obtained legal immunity — demonstrated in front of congressmen and an FBI representative present there how it works, taking a new phone from its factory packaging and transforming it with a few manipulations. As he was leaving the hall, Shimomura was caught by an indignant FBI agent, who had a preventive conversation with him in the genre of “if we catch you doing something outside of official cooperation with the state, you’ll be put in jail.” Tsutomu promised, for the sake of form, not to do that — and, naturally, he continued to do just that. Fortunately, the NSA’s interest in cooperation is a good “roof” that shields an American hacker from unwanted attention from the FBI and the police. “I’ve never worked with them before — the FBI has no sense of humor,” commented Shimomura, who despised formal rules and laws no less than Mitnick. And he liked to flaunt it in front of those who were supposed to ensure their observance – but who could not hold Shimomura himself to account for violating them due to, let’s say, “some delicate circumstances.”

The NSA is not as well-known as the CIA and FBI, but it surpasses them in many ways, especially when it comes to matters in cyberspace.

Tsutomu and Andrew, who had come to him, began to carefully study the contents of the computers that were disconnected from the network – in order not to erase anything, Shimomura pulled out the disks that interested him and connected them to another computer in read-only mode. He occasionally wondered who could have done all this – and the identity of the suspect seemed quite obvious to him. He remembered well how in October Mark Lottor had been hacked in search of the same source codes for OKI – and some unnamed “hacker acquaintance” soon informed Mark that the hack was carried out by “Kevin Mitnick and his friends, and they are very unhappy that they did not manage to get what they were looking for.” As far as we can judge from Shimomura’s text, he did not really believe that Mitnick was a loner who was passionate about hacking out of love for the art and the need to ensure his own privacy in telephone networks, and suspected him of being a representative of a certain secret criminal community of hackers. Tsutomu, referring to Mark, also mentions a detail that is absent from Kevin’s account: according to his version, shortly before the hacking, an acquaintance of Mitnick contacted Lottor and offered to buy the OKI source codes. Was this true, and if so, where did Kevin, who was on the run and was by no means raking in dollars with a shovel (if we are to believe his version of events), get the money?

Mitnick’s own memoirs carefully emphasize that he was a persecuted loner who, even with the FBI on his tail, could not refrain from hacking due to his lively character. He claimed until the end of his days that he had never engaged in hacking for financial gain, and even less so in electronic theft of money from accounts. At the same time, Kevin constantly mentions at least active contacts with members of the international hacker community, where he knew many, from his native California to Germany and Israel, and with whom he continued to communicate even deep underground under other names. As you know, people write memoirs not only to tell their stories, but also to present themselves in a desired light and cover up inconvenient facts. This applies to literally any memoir author, including Mitnick and Shimomura. It is logical that if Kevin really organized some of the hacks not only because of his wild enthusiasm, but also because of certain agreements with other hackers, then he hardly wanted to put his colleagues under the machine of the American Themis, and moreover, go to trial not as a thug, but as a member of a criminal community, which usually means noticeably long prison terms – and Mitnick disliked being in prison in the extreme. Well, now Kevin has taken his possible untold secrets with him to the grave, probably forever.

And this is Takedown: The Pursuit and Capture of Kevin Mitnick, written by Shimomura and Markoff hot on the heels of the events of 1995.

Shimomura also claims that shortly before Mitnick and JSZ hacked his machines, Kevin called Mark from a hidden number, without introducing himself by name, and demanded that he give him the OKI source code “kindly, otherwise I’ll get it anyway.” When asked why he needed it, Mitnick (according to Tsutomu, and this does not go beyond Kevin’s own version of events) explained that the code was needed to increase his invisibility in telephone networks due to the ability to quickly change the device’s firmware. Along the way, he took an active interest in Shimomura’s personality, explaining that he had identified him as a co-author of the part of the code he had extracted. Tsutomu also claims that Kevin, in a conversation with Mark, simply expressed admiration for Shimomura’s talents – but here, I suspect, he is already exaggerating a bit. Lottor recorded the conversation and then played it to reporters John Markoff and Jonathan Littman, who had experience with Mitnick and could recognize his voice. Markoff said the voice was similar, but he was not certain, while Littman was certain that Kevin himself had called Mark.

Shimomura doesn’t write this – but if we take his version with a grain of salt, he was most likely also offended by the racist stereotypes about kung fu, as well as the deliberate comparison with the Chinese (the Japanese and Chinese have a long history of mutual hostility, and they don’t like to be confused).

And so, sitting in the office of the Supercomputer Research Center, Shimomura decided at some point to take a break and listen to the voice messages that had been coming to his phone for the past few days. Among them was one that really infuriated him: someone with a fake Australian accent said: “Damn, my kung fu is better! I know the rdist style, the sendmail style, my kung fu is stronger than yours! Me and my friends are going to crush you!” Mitnick denied making this call for the rest of his life, and claimed that Shimomura had simply made it up. According to Tsutomu, this was the last straw, after which he considered it a personal insult and a challenge to a duel.
