The Hunt for DB Cooper – Cyber attacks strike the Mountain News and one other Cooper investigator

by Bruce A. Smith

I have come under cyber attack for my work on the DB Cooper case.  These attacks also involve another DB Cooper investigator, attorney Galen Cook.

The intrusions are varied, and include file theft, email blocking, sending emails in my name to the FBI HQ in New York City, and document destruction. 

The assault began in June 2012, hit a crescendo in August and then went dormant, but has now re-intensified in January 2013 as I write my book in earnest.   

 The first evidence of the attack I encountered was discovering in June that some of my email files were empty.  When I discovered the problem I thought it trivial.  The files were inconsequential, just old correspondence between colleagues of years past.

 Somebody hacking I guess, one of the problems of being an open-sourced journalist?  I thought.

 Or somebody sending me a message?  You are not secure, I can hack into your files and take them if I want.

 That latter thought was unsettling, but still relatively minor as nothing substantial in my life or writings were affected.  Besides, I was still recovering from a heart attack, so I had plenty of other things to think about, such as what new vegan concoction to cook for dinner.

 However, the Big Enchilada hit in mid-August while I was with family in New York.  A couple of days before I was scheduled to return home to Washington, I was checking my emails at a public library near my mom’s home.  In the midst of my perusing, nature called, so I shut down my computer and headed to the restroom.  When I returned I fired up my library rig and returned to the emails.

 Surprisingly, about a dozen new emails had come in during my brief sojourn.  They were all robo-type messages from the FBI office in New York City, and were a response to somebody sending them a bunch of my emails, oddly, all of which I had just deleted from my inbox before I headed to the bathroom.  The FBI emails said that they had received them on an account identified as “AGNY” and the message asked me to please remove the address from my “distribution list.”  In effect, the FBI didn’t want my “spam.”

 Not realizing their importance, I deleted the robo-emails.  I would have lost them anyway because when I returned home to Washington two days later all my emails that I had read in New York and thought would still be waiting for me were all gone.  Totally vanished.

 I was stunned.  In years past I had read my emails in New York using web mail access to my email account and never had a problem before – they were always there when I got home.

 I called the phone company that provides my emails and Internet connection.  They told me they had downloaded my emails to the public library system and didn’t save any copies.  I don’t know if that was a change in policy or procedures, but I seemed to have no recourse at that point.  Perhaps to cheer me up, the technician I spoke with said that he had never heard of any similar event, and suggested that I change my password on my email account, which I did.

 Next, I called the library in New York and asked them for advice.  They had none, and added that they had never heard of a similar experience.

 I then called my pc security guy in Washington, a local fellow who has an excellent reputation and makes house calls, which I find invaluable.  He said he would look into it, but I never heard anything definitive back from him.  He recommended that I call the FBI in New York and ask them for assistance.

 In the midst of this process, Galen emailed me.

 “I just got an email from the FBI office in New York!  CALL ME- ASAP!”

 Galen had received the same type of robo email that I had received a few days prior in New York, and it informed him that FBI wanted to be taken off his distribution list.  However, the email that had been sent to the AGNY address in New York was a snippet of four emails that Galen and I had exchanged two years prior.  The content of the emails was about DB Cooper, but there was no significant information in them – certainly no earth-shaking findings.

 So, someone was able to hack into my email account, take four emails out and send them to the FBI via Galen’s email server.  Hence, the FBI in New York thought they were coming from Galen, which was clearly erroneous.

 Galen was furious, and impressed upon me the seriousness of the situation – not only had my personal security been breached, but private correspondence between an attorney and a potential client, me, had been stolen and re-distributed publicly.  Galen insisted that I take further action, so I called the FBI.

 Somewhat trepidatiously, I picked up the phone and called the FBI in New York.

 Fortunately, the first FBI guy I spoke to in New York was polite and listened attentively to my story.  He asked a question or two and then announced that he was going to bump me to another agent who had more cyber savvy than he was.

 The next agent listened again to my story, but with a much keener level of interest.  Nevertheless, he didn’t have any answers for me, other than to suggest I change passwords on my email account.  He also reassured me that he and the FBI were taking my issues seriously, and that the event seemed to be a “head-scratchier.”  Further, he said he would ask others in his office what they thought was going on and what I should do about it.  He was also reassured to learn that I had already changed my password.

 Additionally, Galen sent me the email that the FBI had sent to him, and this is now the only evidence I have of the robo-emails from the FBI.

 Galen and I talked further and agreed to refrain from sending emails to each other that contained important information unless we are willing to have them hacked and misused.  We have followed that scheme to this day, but we have exchanged plenty of tidbits, such as the pilot chute story and Galen’s finding that two fellows other than Brian Ingram claim to have seen Cooper money at Tina’s Bar.  Nevertheless, Galen and I have not experienced any obvious intrusions.

 We also talked extensively about who would do this and why.  What could be gained by hacking my computer files when most of the information I have on DB Cooper is posted on the Mountain News?  Galen wondered if perhaps a wannabe Cooper writer was trying to get a jump-start on his research, but that possibility seemed spurious.

 The FBI playing head games with us?  Maybe, but why?

 If someone really wanted to mess up my investigation, why not just clean out my hard drive?  Why send spammie-stuff to 26 Federal Plaza?

 Someone was sending me a warning?  Letting me know I was about to step on some very large toes?

 Regardless, the issue faded away as I stopped writing in the face of health issues that emerged in early September.  Although I was re-hospitalized my heart was fine, but my soul was not.  After a rough night in Good Sam I trudged onward through the fall of 2012.  Eventually, I took some anti-depressants to assuage my inertia, then went back to New York to spend the holidays with family.  Now, in January 2013, I have returned to my writing with determination.

 In response, the hacker has returned as well.

 I arrived from New York on January 8, and after a few days of getting re-settled at home I started writing again.

 First off, I hadn’t read any emails in New York, so I had 1,200 of them to review.  One of them warmed me – an email from a literary agent who was interested in reading three chapters of my DB Cooper book, but was giving me a head’s up that my attachments containing the work hadn’t arrived with the email I had sent her in early December.  Hmmmm.

 I was glad she was still interested, but the hacker was active again, apparently, and was now intercepting my emails, even blocking my correspondence with publishers and agents.

 Nevertheless, I revisited my three chapters and began to polish them a bit more before I sent them off to the agent.  In the process, my computer speeds dropped dramatically.  Some days I had to wait ten seconds for every change in function.  It was maddening.

 “I’ve got to call my tech guy and get rid of those damn cookies! I thought.

 Then, on Sunday, January 13, the hacker struck hard.  I had created a new word document for a revision of my Chapter 3.  The first one disappeared during the time I had initially saved it and made a cup of tea.  By the time I returned to my desk it was gone.

 Damn, I thought I had saved it.  Maybe not? 

 I re-formed it and began writing.  I was inspired and wrote for two hours.  Then my mouse began to act funky and I was unable to scroll down my page.  I popped the cover plate off the mouse and began cleaning out the accumulated gunk on the wheels.  By the time I finished, the whole document was gone – I could find no trace of it.

 I searched my computer using every function I could think of.  Then I went to bed.

 Oh, well, I’ll deal with it tomorrow, and save everything in sight to hard disks

 I also resolved to alert the FBI and tell them that I had been a victim of a theft that is focused on the DB Cooper case and involves the FBI.

 Now I have.

 Lastly, as I began writing this document my mouse lost its ability to scroll.  Sensing trouble, I shut down my rig, then fired it back up and finished this piece using my computer only as a word processor -without any Internet connections.  Blissfully, my mouse worked perfectly.

 By the way, the FBI today informed me that anyone who suspects Internet fraud or criminal activity should consult the Bureau’s “ic3” web site and file a complaint.  That’s where I’m going next.

 ©  2013  Bruce A. Smith

This entry was posted in DB Cooper. Bookmark the permalink.

15 Responses to The Hunt for DB Cooper – Cyber attacks strike the Mountain News and one other Cooper investigator

  1. dave says:

    make sure you have a good anti’virus that has a boot scan on it, this will scan your computer before windows starts, also look for root kits, hackers use them, they are nasty, AVG has a free root kit you can download. you should always run a virus scan once a week, along with a boot scan and make sure the anti-virus is always up to date…


  2. I have also had many occasions this past month with typing going astray as I compose. When it starts happening, I compose with the Internet shut off. I have also found it effective to “air type” a message to the hacker. The messages he gets from me are “inappropriate” and “nasty,” but usually the weirdness ceases. I have strong antivirus software and scan regularly, but these folks have back doors. I have been thinking it IS the FBI and I have typed that message to them as they are messing up my stuff… and my stuff is not about DB Cooper, just blogging local news. Although, I could mess with them a little about DB Cooper too.

  3. Bruce: Perhaps you should switch to Avast for your security. You might want to consider using a Gmail account, too. They have better security than other email servers. You can also import all your old mails and your address list to Gmail once you make the switch. 1) Install Avast, but don’t check any boxes that give you a free toolbar or whatever. It’s free, you just have re-register once a year. Then do a complete scan of your computer. 2) Switch to Gmail after you finish all this. If you need any help with this stuff I would be willing to meet up with you in person on a weekend. I live in Auburn, as you know.

  4. Josh Magill says:

    A little to much “conspiracy theory” for me.

  5. brucesmith49 says:

    Editor’s Note: Pierce Prairie Post’s editor is a contract programmer for Microsoft, so PPP’s perspective is quite informative, in my view.

    After some discussion with folks in cyber security that I respect highly, the current view of what I’m dealing with is this:

    The big hack occurred at the public library, as my files were most vulnerable then. It may have also triggered some kind of FBI surveillance as the intel community monitors emails from public libraries because many folks feel more secure not using their personal rig.

    The disappearance of my word doc on Sunday may have been the result of sloppy saving on my part, as I didn’t shut down the doc before I started cleaning my mouse.

    Nevertheless, I have filed a complaint with the IC3 people, which is apparently a consortium of federal agencies that are headed by the Secret Service, of all people. The FBI is also involved with investigating cyber crime, as is a new agency called Homeland Security Investigations, or HSI.

    • And after my last post I could not close the Explorer window, it kept popping back open. Hi FBI, thanks for checking. BTW, I also worked in Microsoft’s Innovative Government group which included cybersecuirty people. Yes, they can and do have thee ability to do this. Anyone remember the emails that Petraus wrote his sweetie? They never send them, they saved as drafts. If they are sent, they can be scanned byt he government security. ALSO, my letter are appearing on the screen VERY slowly, far behind my typing. Mayvbe theyare checking on the DEA story… not just DB Cooper. Bruce, we’re so much trouble. Now they’ll get really inrterested If I emtion while they are listening that I was listening to the VHF transmission of the plance DB Cooper hijacked when I was 14… because we had a VHF radio and I knew the tower frequency. And I know some of their lies. HA!

      • brucesmith49 says:

        Ahem, Marianne. The occurrence of you listening to the Seattle Center transmissions with Flight 305 during the DB Cooper skyjacking was one of the tidbits I was discussing in my Chapter 3 revision that went “poof” Sunday night. Don’t worry though, I put it back in Monday when I re-wrote the whole thing. It’s now saved on a thumb drive and a hard disk. But M, we need to be careful…we’re gonna make Josh really nervous….

      • Seattle Center does not do approach control. I know, I helped train my ex who is an ATC. SeaTac Tower was where I was dialed in. I’m just a curious airport kid with access to a VHF radio (but no transmitter).

  6. Josh Magill says:

    No nervous here. My father was FBI for 20+ years and I was born (and lived over 10 years) in Roswell, New Mexico. Conspiracy talk doesn’t get me nervous, rather, it is hilarious to me.

  7. williambillybudd says:

    So I assume you have contacted Trevor Sands? I have not heard much from Trevor for a while but I know that he moved his family to Tacoma. Maybe you should start a new email address. It is a pain in the ass but it is better that losing files.


  8. Dick Thurston says:

    I am having problems similar to yours, abeit not involving a controversial subject. I blame them on old hardware which is reaching it’s limits in dealing with the data-rich environment that gets involved when I get onto the Internet. Seems every site has streaming video ads which consume a lot of bandwidth and really slow down the computer. I am using more pictures in my corresponance these days which also stresses out my system. I’ve had the hacking problem a few times, which has resulted in peole using my screen name to send spam. As others have suggested, you may need to change your screen name and/or servers and get some higher quality anti-virus software. You coukld also take your compter to a dealer and get it cleaqned out,there’s probabaly a lot of junk files and programs you don’t use often which slows the system down. I have been offloading information that I rarely access but want to keep onto CD’s. You can also use thumb drives.

    I find there is a lot of stuff I need to look up eevry few months which is just as easy to get off a CD as to dig through the computer memory for. You might try keeping your long-term stuff on CD’s, separated by subject matter – like your Cooper stuff on one or several CD’s and other CD’s for stories you need to refeerence periodically, but not every day.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s