THC ran very fast on those Sun4s. The program used a 60000 word dictionary borrowed from someone in the US army who had done a thesis on cryptography and password cracking. It also relied on `a particularly nice fast-crypt algorithm' being developed by a Queensland academic, Eric Young. The THC program worked about 30 times faster than it would have done using the standard algorithm.

Using all 40 computers, Mendax was throwing as many as 40000 guesses per second against the password lists. A couple of the Suns went down under the strain, but most held their place in the onslaught. The secret passwords began dropping like flies. In just a few hours, Mendax had cracked 5000 passwords, some 100 of which were to root accounts. He now had access to thousands of NorTel computers across the globe.

There were some very nice prizes to be had from these systems. Gain control over a large company's computer systems and you virtually controlled the company itself. It was as though you could walk through every security barrier unchecked, beginning with the front door. Want each employee's security codes for the office's front door? There it was—on-line.

How about access to the company's payroll records? You could see how much money each person earns. Better still, you might like to make yourself an employee and pay yourself a tidy once-off bonus through electronic funds transfer. Of course there were other, less obvious, ways of making money, such as espionage.

Mendax could have easily found highly sensitive information about planned NorTel products and sold them. For a company like NorTel, which spent more than $1 billion each year on research and development, information leaks about its new technologies could be devastating. The espionage wouldn't even have to be about new products; it could simply be about the company's business strategies. With access to all sorts of internal memos between senior executives, a hacker could procure precious inside information on markets and prices. A competitor might pay handsomely for this sort of information.

And this was just the start of what a malicious or profit-motivated hacker could do. In many companies, the automated aspects of manufacturing plants are controlled by computers. The smallest changes to the programs controlling the machine tools could destroy an entire batch of widgets—and the multi-million dollar robotics machinery which manufactures them.

But the IS hackers had no intention of committing information espionage. In fact, despite their poor financial status as students or, in the case of Trax, as a young man starting his career at the bottom of the totem pole, none of them would have sold information they gained from hacking. In their view, such behaviour was dirty and deserving of contempt—it soiled the adventure and was against their ethics. They considered themselves explorers, not paid corporate spies.

Although the NorTel network was firewalled, there was one link to the Internet. The link was through a system called BNRGATE, Bell-Northern Research's gateway to the Internet. Bell-Northern is NorTel's R&D subsidiary. The connection to the outside electronic world was very restricted, but it looked interesting. The only problem was how to get there.

Mendax began hunting around for a doorway. His password cracking program had not turned up anything for this system, but there were other, more subtle ways of getting a password than the brute force of a cracking program.

System administrators sometimes sent passwords through email. Normally this would be a major security risk, but the NorTel system was firewalled from the Internet, so the admins thought they had no real reason to be concerned about hackers. Besides, in such a large corporation spanning several continents, an admin couldn't always just pop downstairs to give a new company manager his password in person. And an impatient manager was unlikely to be willing to wait a week for the new password to arrive courtesy of snail mail.