Cyberbusting comes of age

Click to follow
The Independent Online
MNEMONIX breached Microsoft's defences at 5am on 7 October. The computer hacker, who off-line is David Litchfield, the 23-year-old son of a Royal Marines sergeant-major employed by a London software start- up called Diligence Communications, celebrated by e-mailing the biggest company in the world to tell them.

Corporate users of Microsoft's NT operating system are supposed to be protected from hackers attacking their intranets, websites, marketing plans, R&D databases, and treasuries by "proxy servers" or "firewalls" or "doors", which are supposed to lock out internet users from confidential areas of the host computer.

Theoretically, the proxy server has code in it that works like a door lock. But Mnenomix jimmied the lock. Then he posted notification of his action on a cyberspace bulletin board. Two days later Brian Smith, one of Microsoft's proxy server development team in Redmond, Washington, took the unusual step of contacting the young hacker by phone to discuss the break-in. "I wasn't certain Microsoft would respond," said John Mansfield, one of Diligence's three partners. "They're arrogant."

It is, indeed, the arrogance of Bill Gates-style geeks strung up and down America's West Coast - along with a dream of striking it rich after a working-class childhood in Liverpool - that has motivated Mansfield to get Diligence up and running.

Tough, bluff, sly, engaging, Mansfield is part of the great diaspora of elite British troops that took place in the 1980s when special forces types moved out of their barracks into new careers as defence industry commission agents, mercenaries and, latterly, kiss-and-tell book writers.

Mansfield's particular expertise was electronic warfare. "One day at four in the morning I was sitting in the snow in the Brecon Beacons, part of a unit testing the security of an airbase," he said. "Wouldn't it be great, I suddenly thought, if I could make a business out of this sort of thing?"

In the early 1990s Mansfield moved from active to reserve service and took a job as the UK sales manager of a smart card company. Meanwhile, through his work as a special forces reservist, he kept up on developments in electronic warfare, a large part of which boils down to computer hacking.

In July 1996 he incorporated Diligence and began hiring crackerjack hackers like Mnemonix by offering three opportunities: one, to make a living hacking; two, to make a living hacking inside the law; and three, to work in an environment where others lived off Big Macs and fell asleep at their keyboards.

Diligence sells software designed to stop security violations by company employees, as well as outside hackers. It monitors networks for unauthorised intrusions. It consults on information security. And it consults for companies whose IT departments are already overburdened in solving the millennium bug and other problems..

For two years Mansfield, 35, ran Diligence the way many Silicon Valley companies began - out of the equivalent of his garage. He spent time in the US learning more about IT security from the FBI and CIA. "In 1996 I went to a computer security conference in Washington," he said. "I was staying in the Hilton out by the Pentagon. I met a man who was a big name in the field. He introduced me to some people and it went from there."

Also working at the smart card company before he resigned was a young man named David Cazalet. Cazalet, 31, arrived at the company by a different route from Mansfield - grandson of the Queen Mother's horse trainer, son of a High Court judge, Eton, and swimming the Hellespont for a lark.

"Once David and I were stuck in traffic at Hyde Park Corner," Mansfield said. "I said wouldn't it be great if we could just cut through the arch? David said he had once, riding in a car with the Queen."

They became fast friends. Cazalet had at least an embryonic special forces pedigree. He had worked for the Janus Foundation, a group supporting east European dissidents before the Iron Curtain fell. The pair recreated a privatised version of the old upper class-working class SAS culture instigated by David Stirling, the SAS's founder.

None of this is as off-the-wall as a business story as it might seem - no more off-the-wall, for example, than Californian geeks who read The Upanishads by scented candlelight at night after pursuing their dreams of multi-millionaires by day.

When Cazalet quit the smart-card company to become a full- time Diligence partner in January, the company had almost 50 employees and had acted for 63 of the FT-SE 100 companies.

Now the pair are trying to raise Diligence's game. Through a Cazalet connection it retained the PR firm Basham & Coyle. Diligence will sponsor a conference on information security at London's Landmark Hotel on 28- 29 October.

Diligence has retained a Harvard Business School graduate, Philippe von Stauffenberg, the grand-nephew of Claus von Stauffenberg, the Austrian executed after attempting to assassinate Hitler, to draw up a business plan designed to attract venture capital. "Our revenue for the financial year ending next August will be six figures," said Cazalet. "Our goal is a nine-figure flotation in July 2001."

Information security is a growing business attracting the attention of City analysts. Hackers breaking into bank and defence computer systems constantly re-advertise the need for it. But there is competition. Last year the "firewall" market grew 143 per cent from $145.6m (pounds 85m) to $353.5m, according to International Data Corp, an American research firm. Check Point Software Technologies in Ramat-Gan, Israel, had 23 per cent of this market. US internet giant Cisco Systems had 19 per cent.

Can Diligence compete? Not by going toe-to-toe with giants such as Cisco. However, it might just develop a reputation by dint of commando raids like the one Mnemonix staged on Microsoft.

The information age might just be breaking down ingrained practices enough for the wild men at Diligence to develop a red-hot business as cyberspace crimebusters.