How a Teenage Hacker Gave Us an Adult Lesson in Wireless Communications
The true story of Ham radio autopatches, system vulnerabilities, and why low probability of intercept matters
Back in the mid-seventies, before cellular phones were in everyone’s pockets, many Ham Radio operators built radio relay stations that could connect to the public phone system. Known as autopatches, these marvels enabled Hams to make phone calls from their radios, including small, handheld radios.
With the financial help of several other Hams, I designed and built an autopatch system which we, as a group, shared. Any member of the group could make short-range and long-distance phone calls, as long as they helped cover the expenses. In those days, long-distance calls were not cheap, so we had a modest security system that used a selective tone to access the system. Overall, it worked great, but we eventually discovered that security was more important than we realized.
Security Breach: The Unauthorized User
One late evening, I got a call from a member saying that the autopatch was being used by someone outside the group. The voice was that of a young teen, and the call was long-distance. I hopped on the system, terminated the call, and asked for some ID from the unauthorized user, who simply disappeared. Not to make too bad a pun, but this was our wakeup call regarding system security. We temporarily shut down the phone part of the system while we figured out a fix.
Hacker vs. Engineers
Within a week, we had a “security patch” in place that made it more difficult for unauthorized users to make calls. Unfortunately, our hacker was more clever than we gave him credit for, and another late-night call followed. Finally, we put in a coded access system that was not easily guessed, and the problem was solved.
Or so we thought…
A few days later, I accessed the phone via radio. Nothing. Instead of the expected dial tone, there was… silence. I called the system phone number, and was met with a recording saying the number had been disconnected.
What?!?
I called the phone company to find out what had happened. The helpful representative looked at the records and discovered that someone had disconnected the phone line, but there was no paperwork to back up the disconnect.
Our hacker had hacked the phone company’s computer and shut off our phone as retaliation.
Needless to say, the folks at the phone company also found themselves tightening up their security. I didn’t find out how the hacker managed to get into their computer system (though security in those days we pretty lax), but I did find out from the police a short time later that our hacker was a fifteen-year-old kid.
The FBI, Ham Operators, and Ironic Justice
Yep, a fifteen-year-old who went on to become one of the most notorious of the early hackers. But there was an ironic justice in the end: He was finally caught by the FBI one evening, after years on the run, by a group of Ham Radio operators who used their transmitter hunting skills to find the cellphone he was using while engaging in his hacking hobby.
It doesn’t matter whether you are using the Internet or a wireless connection: Security is vital. A vulnerability anywhere in the network can expose the whole system. Fiber, cable, public-facing internet, and especially wireless, all need to be protected from intrusion.
Radio Design Group's Approach to Secure Communications Engineering
These lessons from the ‘70s inform every secure communication system we engineer today.
Are you working on a wireless design that needs reliable security? We can help with systems designed for security and jam resistance.
Low Probability of Intercept (LPI): Communication signals designed to be difficult to detect, intercept, or exploit by unauthorized parties.
Advanced Encryption: Modern cryptographic protocols that make intercepted signals useless to adversaries.
Jam-Resistant Systems: Anti-jamming technology that maintains communication integrity even under deliberate interference or attack.
Frequency-Hopping and Direct Sequence Spread Spectrum: Techniques that make signals difficult to intercept or disrupt.
Secure Network Integration: Understanding that your wireless system is only as secure as every component it connects to—and designing accordingly.
Ongoing Security Assessment: Regular evaluation and updates to address emerging threats and vulnerabilities.