Year 1986: When WANK Worm Attacked Stanford University
Introduction
Our previous blogs have been testimonials of all the major phreaking incidents that took place in the mid-1950s. It’s safe to say that many hackers’ journeys began with phone phreaking. Therefore, it’s reasonable to assume that phreaking played a role in the evolution of hacking. Phreaking, essentially the manipulation of telephone lines for personal gain or amusement, laid the groundwork for modern hacking (and for WANK Worm). By exploiting the vulnerabilities in telephone systems, early phreakers developed techniques and a mindset that would later be applied to computer systems and networks, paving the way for the hacking culture we know today.
Phone phreaking gave birth to yet another phenomenon called “Hacktivism”. While the term “hacktivism” wasn’t coined until 1996, its roots can be traced back to the 1980s. As computers and the Internet grew in popularity, activists discovered a powerful new platform for their protests. This merging of hacking techniques with activist goals marked the beginning of hacktivism, a movement where digital tools are used to promote political and social change.
But what did hacktivism had to do with Stanford University? Let’s understand.
WANK Worm at Stanford
The year was 1986 when Stanford University became the target of a significant cyberattack. The attack was one of the first politically motivated cyber incidents. The attackers, a group of hackers known as WANK, hacked into the university’s Unix computers, leaving a trail of disruption and raising awareness about the vulnerabilities of digital systems. This attack was not limited to Stanford; it also affected critical networks like NASA’s SPAN network and the US military’s MILNET network.
On September 16, 1986, administrators at Stanford University discovered a startling message on their system: “Your System Has Been Officially WANKed. You talk of times of peace for all, and then prepare for war.” The message, along with a poignant quote from German philosopher Friedrich Nietzsche, highlighted the hackers’ anti-nuclear stance. The group behind the attack, WANK, claimed to be from Australia, though their true identities and locations were never confirmed.
Inception of the WANK
The word WANK was an acronym for “Worms Against Nuclear Killers”. Back in the day, the word “nuclear” was enough to instill fear in the hearts of people. This fear played a significant role in the inception of WANK. The roots of WANK can be traced back to the controversy surrounding the launch of Galileo, a nuclear-powered spacecraft. During this time, there was widespread anxiety that a mishap could lead to radioactive fallout affecting parts of the U.S.
In response to these fears, a group of activists formed WANK to protest against the Galileo launch and other nuclear projects. Their goal was not to destroy anything but to scare and mark their existence.
How Did WANK Worm Work?
The WANK worm exploited a vulnerability in the VMS (Virtual Memory System) operating system, which was widely used at the time. This worm, a type of malicious software capable of self-replication and spreading without user intervention, bypassed authentication processes and gained access to privileged accounts. Once inside, it displayed its message before activating a self-destruct mechanism designed to erase its presence from the system. However, some copies were captured and analyzed by security experts, revealing that the worm was written in DCL (Digital Command Language) and contained about 100 lines of code riddled with spelling and grammatical errors.
The WANK worm caused substantial damage to the affected systems. Sensitive data, including student records, payroll information, and research projects, was accessed, corrupted, or deleted. The worm also consumed system resources, significantly slowing down performance and causing some systems to crash or become inaccessible.
Stopping the WANK Worm
Once inside, the worm disrupted critical operations across various networks. Scientific research, military communications, and academic activities were all affected, leading to significant interruptions in essential services. These interruptions raised a suspicion that something was definitely wrong. This suspicion ignited a fierce battle between the WANK worm and the authorities at Stanford University.
The first step in countering the WANK worm was detecting its presence. This was achieved through monitoring system logs, messages, and performance, as well as using antivirus software and other tools. To prevent further spread, infected systems and networks were isolated by disconnecting network cables, shutting down systems, or blocking network ports. Finally, the worm was eradicated from the systems. To root it out, infected files were deleted from the systems and data was restored from backups, patching the vulnerability. Additionally, passwords of all the systems were changed to enhance security.
The attack of 1986 was an embarrassment for prestigious institutions like Stanford University and NASA, exposing their security flaws to the public. The intrusion also highlighted the fact that even the most renowned organizations had their vulnerabilities and promptly required a reevaluation of their cybersecurity protocols.
Parting Words
The WANK worm, believed to be created by Australian hackers, remains a mystery even to this day. What happened at Stanford University was pretty chaotic. But what’s interesting is how people back in the 1980s used the internet to try and make a difference in society. They didn’t necessarily do it the right way, but it’s fascinating to see how they tried to fight against what they thought was wrong using computer worms.
However, it’s important to note that just because we find this fascinating doesn’t mean we support what they did. We’re more intrigued by their creativity and innovation.
The WANK worm attack was a landmark event in the history of hacking and cyber activism. It showed how hackers could cause a lot of trouble while trying to make a point. Looking back at the WANK worm incident, it also reminds us how crucial digital security is today. It changed how we think about hacking, cybercrime, cybersecurity, and also activism. It’s a reminder that we need to stay alert in our increasingly connected world.