Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Information-Security-News
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[ISN] Done the crime, now it's Mitnick's time

from [InfoSec News] Network Security [Permanent Link]
Subject: [ISN] Done the crime, now it's Mitnick's time
Date: Wed, 15 Dec 2004 02:27:10 -0600 (CST) 
http://www.theage.com.au/news/Next/Done-the-crime-now-its-Mitnicks-time/2004/12/13/1102786984190.html

By Patrick Gray
December 14, 2004
Next

After a five-month delay, the Department of Immigration has granted
the world's most notorious convicted cyber-criminal, Kevin Mitnick, a
visa to travel to Australia next year to consult to local companies,
accept speaking engagements and promote his new book, scheduled for
release in March.

It will be Mitnick's first visit to Australia and one of his few trips
outside the US and Europe.

Mitnick spent more than five years in jail for his exploits, which
included hacking into Motorola, Novell, Fujitsu, Sun Microsystems and
Nokia to steal software code. Since his release in 2000, he has worked
as a security consultant and written two books, The Art of Deception
[1] and The Art of Intrusion [2].

Mitnick will fly to Melbourne on March 2 to deliver a keynote speech
to an as yet unnamed company. He will fly back to the US the following
week to start a book tour, returning to Australia in April to conduct
a workshop.

Mitnick is best known for his uncanny ability to trick employees into
revealing sensitive information, a technique called "social
engineering".

He cites the theft of two customs computers from Sydney International
Airport by three men in August last year as one example of a social
engineering attack in Australia.

"A lot of companies in Australia are vulnerable," Mitnick says. "That
was a pure social engineering attack. We all know they weren't after
the hardware, they were after the data."

Both of Mitnick's books are about security but many people will be
more eager to read the one he plans to start writing on January 21,
2007, when a court order that stops him from profiting from his crimes
expires.

"I'm definitely doing an autobiography," he says. "It's going to focus
on the adventure, the things I did when I was a fugitive, how I lived
my life and what was going through my head, the close calls nobody
knows about. It will be the Catch Me If You Can of cyberspace."

Catch Me If You Can [3] was an autobiography written in 1980 by Frank
Abagnale jnr, a con man who passed himself off as a Pan Am pilot while
forging $US2.5 million in fake cheques.

There have been books written about Mitnick's exploits, most famously
Takedown, written by New York Times journalist John Markoff and
Tsutomo Shimomura, one of Mitnick's victims, which was made into a
movie.

But Mitnick says the real story hasn't been told. He has been
portrayed as the "Osama bin-Mitnick of the internet", he says, and he
wants to set the record straight. Mitnick launched a legal action
against the producers of the Takedown movie, which was settled out of
court.

Although Mitnick spent two years on the run from the FBI in the US
living under assumed names, he doesn't expect law enforcement to take
much interest in his travels these days.

"The only time they call me is when they need my help," Mitnick says.  
"They don't contact me because they're suspicious I'm doing anything
wrong."

Mitnick has just finished a vulnerability assessment of a US credit
union. Much of his work involves technical testing and doesn't rely on
his mastery of social engineering.

"I'm doing vulnerability penetration tests, I'm going into companies
and hardening their systems and network," he says. "It's all
technical, no social engineering."

A penetration test is work well suited to Mitnick's talents. Similar
to the fictional hackers in the 1992 movie, Sneakers, for a fee, he
breaks into companies' networks, submitting a report detailing
security weaknesses and vulnerabilities.

Before his release, Mitnick had never been out of the US, with the
exception of Canada and Mexico.

As much as he enjoys seeing the world, Mitnick confesses he is afraid
of flying.

"I hate to fly, man, I hate it. I have to get some sleeping pills to
knock me out."


[1] http://www.amazon.com/exec/obidos/ASIN/076454280X/c4iorg
[2] http://www.amazon.com/exec/obidos/ASIN/0764569597/c4iorg
[3] http://www.amazon.com/exec/obidos/ASIN/0767905385/c4iorg



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - 
http://www.osvdb.org/
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
  • [ISN] Done the crime, now it's Mitnick's time, InfoSec News <=
Previous by Date:  [ISN] Air Force seeks cyberwar edge, InfoSec News
Next by Date:  [ISN] 'ChineseSpyBoy' claims to have cracked McAfee sites, InfoSec News
Previous by Thread:  [ISN] Air Force seeks cyberwar edge, InfoSec News
Next by Thread:  [ISN] 'ChineseSpyBoy' claims to have cracked McAfee sites, InfoSec News
Indexes:  [Date] [Thread] [Top] [All Lists]