The Cuckoos Egg by Clifford Stoll by webology


The Six Minute Book Summary of The Cuckoo’s Egg by Clifford Stoll

Executive Summary
      The Cuckoo’s Egg is based on a true story. Clifford Stoll, author and main character
of the book, had aspirations of being an astronomer. He was not able to find a job doing what he
loved, so he had to take a job as a computer system manager. While working as manager for a
computer laboratory in California, Stoll was asked to help fix a 75 cent accounting error that the
company had been having for a while. Stoll knew very little about computers. He began to teach
himself the computer languages that the company used. By doing so, he was able to find that an
unauthorized user named Hunter was using computer time and not paying for it.
      Through many months of research, Stoll began to get closer and closer to finding the identity
of the hacker. He received help from many different agencies that the computer hacker was
involved with. Teaming up with members of the agencies, Stoll began to pinpoint the hacker’s
location to West Germany. He was also able to contact the German post office to help locate
exactly where the hacker was. They narrowed it down to a university in Germany. Eventually,
Stoll was able to gather enough information to identify the hacker as Markus Hess, an international
spy. Hess was hacking into the California computer lab via satellite. He was doing this in order to
steal military information from the United States Military. Once Hess obtained the information he
would then sell it to the Soviet KGB. This was a very serious offense which compromised our
military secrets. Stoll eventually had to travel to Germany and testify against Markus Hess in
court. Through a 75 cent account error, Clifford Stoll was able to track down an international spy
who was stealing our military secrets and selling them to the Soviet KGB.
The Ten Things Managers Need to Know from The Cuckoo’s Egg
1.      Computer security should not be taken lightly. Every day thousands of crimes are
committed due to breaches in internet and computer security.
2.       Hacking is illegal and unethical. Unauthorized access to computer systems is wrong and
should not be conducted.
3.       When you come across something illegal or unethical being done, it is important to keep a
log of what you find. This log can later be used to either testify against or convict the intruder of
their wrongdoings.
4.       Even something small like a 75 cent accounting error can lead to bigger issues. This 75
cent accounting error from a small computer lab led to the tracking of an international spy.
5.       Passwords should always be changed from factory default settings. If passwords are not
changed, users can login as guest to access the information.
6.      Tracking a hacker is a very time consuming process. However, if it is done thoroughly it
can be worth the time it takes.
7.       Computer software should be updated periodically. This will help reduce the chances of
inconsistencies and increase the likelihood that the computer system will fall victim to software
8.       More important information should be held at a higher security than less important
information. This will help protect the vulnerability of the computer system.
9.      Hacking is an international problem. It can affect any level of management at any time
from anywhere.
10.       Hacking can be conducted internationally. This means that hacking does not have to be
done by your next door neighbors. People from other countries also can gain access to your
computer systems by hacking.
Full Summary of The Cuckoo’s Egg
The book starts off as Clifford Stoll, the author, has aspirations to be an astronomer. Stoll was
unable to find a job as an astronomer, so in order to pay bills he found a job at Lawrence Berkeley
Lab, in the computer center located in the basement of the building. The lab was located in
California, which was where Stoll had originally been looking to work. However, Stoll knew very little
about computers. All his life, he wanted to become an astronomer, so he had no interest in computer
espionage. He wondered if he would be able to fool his co-workers with his limited knowledge of
computers. Eventually, he was asked to try and fix an accounting error of the system. Stoll spotted
a 75 cent error in the computer system which would be the start to a lot more than just 75 cents.
After spotting the error, he was able to teach himself the language the computer software was
written in and tracked it to a user named Hunter. Hunter appeared to be an unauthorized user of the
system who was using 9 seconds of computer time and not paying for it. The unauthorized user was
a hacker who was gaining root access through the system. This accounting problem seemed to be
caused by an inconsistency in the time logs of the computer.
      For nearly a year after, Stoll had to spend a lot of time and energy tracking where the hacker
was gaining access from. He eventually found that the hacker was using a 1200 baud connection
and knew that this was coming through a telephone modem connection. Stoll’s coworkers, Paul
Murray and Lloyd Bellknap, helped him with the phone lines. In one weekend, the three were able
to round up fifty computer terminals and teletype printers. They did this by “borrowing” them from
the desks of his coworkers for the weekend, and physically attached them to the fifty incoming
phone lines he had originally traced. That weekend, the hacker dialed into the modem. Stoll located
the phone line, which had come from the Tymnet routing service. Stoll then enlisted the help of Tymnet.
Through Tymnet and Stoll’s dedication, they were eventually able to track the intruder to a
call center at MITRE. MITRE is a defense contractor in McLean, Virginia.
       Stoll then decided to return his “borrowed” terminals. However, he left a teletype printer
attached to the line the intruder was using so that he could see and record everything that the hacker
was doing. He recorded each and every one of the hacker’s actions as the hacker sought, and sometimes
gained, unauthorized access to military bases around the United States. In doing this, the hacker was
looking for files that contained certain words. These words included “nuclear” or “SDI”. The hacker was
also copying password files in order to make “dictionary attacks”. Along with this, the hacker
would use Trojan horses to illegally find the passwords to the computer systems of these military
bases. Stoll was stunned that the hacker was able to easily guess passwords of these high-security
sites. This was especially easy because many of the system administrators never bothered to change
passwords from their factory default password settings. Even on these high-security army bases, the
hacker was able to log in to the system as a guest and not be required to enter a password. Once
logged in, he was able to figure out the passwords for permanent use of the system, even if they were
to be changed in the future by the system administrators.
     While conducting his investigation, Stoll contacted several FBI, CIA, Na, and Air Force OSI
agents to inform them of the hacking incident. This led to confusion as to who had jurisdiction to
handle this incident, since this was one of the first documented cases involving the crime of hacking.
In addition, the agencies were reluctant to share the information Stoll documented in his daily log
book with each other.
     Stoll began to study his log book. He was able to see that the hacker was familiar with VMS,
as well as AT&T Unix. He also was able to note that the hacker tended to be more active during the
middle of the day, Pacific Standard Time. Stoll guessed that since modem
bills are cheaper during the nighttime, and most people have either school or work during the
day, the hacker would only have free time for hacking during the night. This led him
to assume that the hacker was in a time zone to the east of the Pacific Time zone.
      During his research, Stoll was still using the help of the Tymnet Company. He was also
receiving help from many different agencies. Through these combined efforts, Stoll found that the
hacker was hacking from West Germany using a satellite. The Deutsche Bundespost, a German post
office, had the authority over the phone to trace the calls to a university in Bremen. However, this
was not the end of the hacking mystery. Stoll had to set up a hoax (which today is known as a
honeypot), in order for the hacker to stay on the line long enough to be backtracked from Bremen.
Stoll invented a new department at the lab that was supposed to have been formed due to an imaginary SDI
contract. Stoll knew that the hacker was mainly interested in SDI. Therefore, he made the “SDInet”
account, which was controlled by an imaginary secretary. This account was full of large files that
contained enticing-sounding bureaucratese. It worked, and the Deutsche Bundespost finally tracked
the hacker to his home in Hanover. He also found out that the hacker’s name was Markus Hess.
Hess had been involved in selling the results of his hacking to the Soviet KGB for many years. There
was proof of this when a Hungarian spy contacted the hoaxed SDInet at LBL, which was based on
information which he could have only gotten through Markus Hess. This was the KGB’s method of
checking Hess to make sure he was not just making up the information he was selling them.
     Towards the end, the book describes Stoll’s journey to Germany. Stoll had to fly to
Germany in order to testify against Markus Hess during the trial of Hess and a confederate. Hess
was active at the same time and located in the same region as the German Chaos Computer Club,
but was not a member. He only occasionally met with certain members of the club he knew
The Video Lounge
The man in the video, Eric, gives a very brief but to the point summary on the plot of The Cuckoo’s
Personal Insights
Why I think:
     • The author is one of the most brilliant people around because he knew very little about
       computers before he started his job. He had aspirations of being an astronomer and had to
       teach himself everything about computers, computer software, computer language, and
       computer system security. By teaching himself this information, he was able to track down
       an international spy. This was of even greater concern because the spy was selling the
       information to the Soviet KGB.
     • With business conditions today, what the author wrote is true because hacking is still a
       problem that we face every day. Internet security is a big issue and should not be taken
       lightly. Internet security protects important and classified information for personal users and
       businesses every day. This helps prevent fraud, theft, and other crimes from being
       committed, which allows the computer systems to run according to their intended uses.
     • If I were the author of the book, I would have done these three things differently:
1.        I would have kept a log sooner. If the author had kept a log when he first started doing
research, he might have come to the location of the hacker sooner.
2.        Prepare yourself for the job before you take it. The author was employed as a computer
manager when he knew nothing about computers. Taking classes or doing research might have
been a good idea to consider before taking the job.
3.       Protecting my computer systems with higher security software. More expensive software
might cost more, but can usually result in greater security.
    • Reading this book made me think differently about the topic in these ways:
1.        Computer hacking makes classified information extremely vulnerable. Hacking can be
used to steal data, secrets, and military information.
2.       Passwords need to be well thought out and not just entered in so that the user can remember
them easily. Using capital letters, numbers, and other symbols will make passwords more secure.
3.      Military secrets are not prevented from other countries. Spies are trained every day to hack
or somehow obtain military secrets for their native country.
    • I’ll apply what I’ve learned in this book in my career by:
1.       Always protecting my computer systems with highly secured passwords. Leaving systems
vulnerable is just asking for hackers to steal information from you.
2.       Keeping logs of important information. Keeping logs can be used to back-track
information or testify against unethical behavior.
3.      Not taking any errors lightly. The smallest error can contribute to the finding of something
much bigger and of much greater concern.
    • Here is a sampling of what others have said about the book and its author:
Maybe you think I have a funny idea about adventure, but I think this counts just as much as
climbing a mountain or sinking a boat. Mr. Stoll is an astrophysicist turned systems manager at
Lawrence Berkeley Lab, but becomes a one-man security force tracking down a computer cracker
when he discovers a 75 cent accounting error. This is in the earlier years of computer security, but
very informative and reads like a thriller. The Cuckoo's Egg is well written and is considered a
classic. Mr. Stoll is also the same person who was doing "thoughts" at the end of The Site TV
magazine which used to be on MSNBC. After seeing him on The Site, I could see why he had just
the right personality to go after this cracker!
Clark, Judi. (1998). The cuckoo's egg: tracking a spy through the maze of computer espionage.
MostlyFiction Book Reviews, Retrieved from
Stoll, C. (2000). The cuckoo's egg: tracking a spy through the maze of computer espionage. Pocket.
This book summary and review of The Cuckoo’s Egg was prepared by Gregory Brauninger while a
Business Management major in the College of Business at Southeastern Louisiana University.
This document has been initially released under Creative Commons licence by David C. Wyld,
Professor of Management at Southeastern Louisiana University in Hammond, Louisiana.