Mitnick, Kevin D. 1963-

views updated

MITNICK, Kevin D. 1963-

(Condor, Kevin David Mitnick)

PERSONAL: Born August 6, 1963 (some sources say 1965), in Van Nuys, CA; son of Alan (a record promoter and general contractor) and Shelly (a waitress; maiden name, Jaffe) Mitnick; married Bonnie Vitello (in telecommunications; divorced).

ADDRESSES: Home—7113 West Gowan Rd., Las Vegas, NV 89129. E-mail[email protected]

CAREER: Worked for Tel Tec Investigations (a private investigation agency), c. 1992; founder and chief executive officer of Defensive Thinking LLC, c. 2003–. Makes occasional appearances on radio program Coast to Coast AM.

WRITINGS:

(With William L. Simon) The Art of Deception: Controlling the Human Element of Security, foreword by Steve Wozniak, Wiley (Indianapolis, IN) 2002.

(With William L. Simon) The Art of Intrusion: The Real Stories behind the Exploits of Hackers, Intruders, and Deceivers, Wiley (Indianapolis, IN) 2005.

SIDELIGHTS: A convicted felon who is now a security expert, Kevin D. Mitnick has written two books illustrating how personal and corporate computer security can be breached. As a teenage hacker and "phone phreak," Mitnick and his friends searched dumpsters for computer information. His first arrest came when he was just seventeen and hacked into Pacific Bell's computers in 1981. Mitnick went on to become one of the most notorious computer conmen in the United States. When he was convicted for stealing long-distance codes from MCI in 1989, his defense included the claim that he was "addicted" to computers. After serving a year in federal prison, he was required to complete a residential twelve-step program. In 1992 federal officials sought Mitnick in another Pacific Bell case, which caused him to go into hiding for more than two years. He was discovered in North Carolina after he broke into the home computer of computational physicist Tsutomu Shimomura. Arrested in early 1995, he was charged with forty-eight counts of computer, wire, and cell-phone fraud. It was not until 1999, though, that Mitnick pleaded guilty to seven charges, having served most of a five-year sentence.

Mitnick asserts that his interest in hacking was never about causing harm; rather, he got a thrill out of accomplishing the seemingly impossible and impressing others. After three years' probation, he was allowed back on the Internet and founded his own consulting company. He is now in the business of teaching others how he used "social engineering" to gain access to sensitive information. In his The Art of Deception: Controlling the Human Element of Security he uses fictional illustrations to show readers how easy it can be to talk people into giving out passwords, money-transfer codes, and phone lists. As the author explained to Arlene Weintraub in a Business Week interview, "There is no patch for stupidity."

Mitnick wrote a second book, The Art of Intrusion: The Real Stories behind the Exploits of Hackers, Intruders, and Deceivers, while waiting for the opportunity to write about his own remarkable experiences. (The terms of his prison sentence prevent him from writing an autobiography for an undisclosed period of time.) According to Weintraub, "the same fame that Mitnick relies on for marketing collides head-on with his credibility. Unless Mitnick can resolve this conflict, his consulting business may not thrive. And if his speaking engagements peter out once the novelty wears off, he might be tempted to fall back on his old ways. He denies it will happen."

Telephone contact emerges as the hacker's most dangerous tool in The Art of Deception. While electronic and physical breaches in security are also detailed, Mitnick shows how even the most cautious organizations are vulnerable to verbal overtures. Reviewers found the book to be of interest to general and specialized audiences. In M2 Best Books, for example, Rebecca Sanderman described it as "superb," but was also bothered by how "it seemed more and more like a handbook on how to … obtain information from people." Writing in Security Management, Derek Knights remarked that "this is a good book for all levels of security management." While Knights said the stories "range from the ho-hum to the ingenious," he described the book as "an enjoyable, interesting, and insightful glance at this facet of the enemy."

In The Art of Intrusion the author decries the heavy-handed treatment of hackers and celebrates "Robin Hood"-style hackers who reveal a system's weaknesses to its owners. He also analyzes cases of corporate hacking and suggests ways that businesses can avoid being exploited. The book therefore provides both Mitnick's perspective on the psychological roots of hacking and technical background on how computer security is breached. Reviewers judged Mitnick's second book to be informative, if not always persuasive. In the Fort Worth Star-Telegram, Cecil Johnson commented that "there is intriguing material in it for the lay reader, particularly the biographical information about the intruders." The reviewer added, "I beg to differ with Mitnick about not prosecuting Robin Hood hackers. That sounds like giving anyone who has the know-how a license to intrude." Richard Pachter reviewed The Art of Intrusion for the Miami Herald, deeming it "well worth reading as a wake-up call about our porous electronic security net."

BIOGRAPHICAL AND CRITICAL SOURCES:

BOOKS

Outlaws, Mobsters & Crooks: From the Old West to the Internet, U∗X∗L (Detroit, MI), 1998.

World of Computer Science, Thomson Gale (Detroit, MI), 2002.

PERIODICALS

America's Intelligence Wire, July 5, 2003, interview with Kevin Mitnick.

Business Week, June 9, 2003, Arlene Weintraub, "Cyber Alert: Portrait of an Ex-Hacker," p. 116.

Fort Worth Star-Telegram, April 14, 2005, Cecil Johnson, "Author Says Firms Should Use Hackers to Find Flaws in Their Computer Security."

Library Journal, January 1, 2005, Joe Accardi, review of The Art of Intrusion: The Real Stories behind the Exploits of Hackers, Intruders, and Deceivers, p. 139.

M2 Best Books, February 4, 2003, Rebecca Sanderman, review of The Art of Deception: Controlling the Human Element of Security.

M2 Presswire, September 24, 2003, "'The World's Most Famous Hacker' Shares His Secrets," review of The Art of Deception.

Miami Herald, March 21, 2005, Richard Pachter, "Hack Attack: Shortcuts for Fun, Profit, and Terror," review of The Art of Intrusion.

New Architect, February, 2003, Christopher Null, review of The Art of Deception, p. 46.

Publishers Weekly, February 14, 2005, review of The Art of Intrusion, p. 66.

Security Management, July, 2003, Derek Knights, review of The Art of Deception, p. 157

Technology Review, March, 2005, Gregory T. Huang, "The Talented Mr. Mitnick: A Notorious Hacker Turns Security Guru," p. 21.

Telecomworldwire, February 4, 2003, Rebecca Sanderman, review of The Art of Deception.

ONLINE

Kevin Mitnick Web site, http://www.kevinmitnick.com (May 26, 2005).