Cryptologic Bytes

"On This Date in History" Calendar

1994: Griffiss Air Force Base finds malware

Thursday, March 28, 2024

28 March 1994: Griffiss Air Force Base found illegal wiretap malware in its Rome laboratory network.

System administrators at the United States Air Force (USAF), Rome Laboratory on Griffiss Air Force Base discovered "sniffer" malware on one of the lab's networks.

The malware enabled hackers to steal passwords to gain access to additional networks including NASA Goddard, Wright-Patterson Air Force Base, and NATO headquarters. An investigation, involving U.S. and U.K. law enforcement agencies, led to “Datastream Cowboy” and “Kuji”, the hacker handles of British citizens Richard Pryce and Matthew Bevan.

Bevan claimed they hacked Rome Labs and other systems to find evidence of alien anti-gravity technology, which he believed was being used by the U.S. military.

Pryce, only 16 at the time, alarmed investigators when he downloaded a Korean nuclear database to a USAF system. Air Force investigators feared the database belonged to North Korea and their discovery of the data theft and subsequent trace of the transfer to the USAF system would lead to an international confrontation. The data turned out to be from the South Korean Atomic Research Institute which, while still serious, was significantly less dangerous.

Learn about the incident via the Case Study linked below.


Check out the Cryptologic Bytes Archives for a wide variety of articles on all topics related to cryptology, codes and ciphers, related publications, Museums, and more.