Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author, and hacker, best known for his high-profile 1995 arrest and later five years in prison for various computer and communications-related crimes.
Mitnick's pursuit, arrest, trial, and sentence along with the associated journalism, books, and films were all controversial.
He now runs the security firm Mitnick Security Consulting, LLC which helps test companies' security strengths, weaknesses, and potential loopholes. He is also the Chief Hacking Officer of the security awareness training company KnowBe4, as well as an active advisory board member at Zimperium, a firm that develops a mobile intrusion prevention system.
Video Kevin Mitnick
Life and career
Early life
Mitnick was born in Van Nuys, California, into a Jewish family. He grew up in Los Angeles and attended James Monroe High School in Sepulveda, California, during which time he became an amateur radio operator. He was later enrolled at Los Angeles Pierce College and USC. For a time, he worked as a receptionist for Stephen S. Wise Temple.
Computer hacking
At age 13, Mitnick used social engineering and dumpster diving to bypass the punch card system used in the Los Angeles bus system. After he convinced a bus driver to tell him where he could buy his own ticket punch for "a school project", he was able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage. Social engineering later became his primary method of obtaining information, including usernames and passwords and modem phone numbers.
Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system Digital Equipment Corporation (DEC) used for developing their RSTS/E operating system software. He broke into DEC's computer network and copied their software, a crime for which he was charged and convicted in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voice mail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two and a half years.
According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mails.
Arrest, conviction, and incarceration
After a well-publicized pursuit, the FBI arrested Mitnick on February 15, 1995, at his apartment in Raleigh, North Carolina, on federal offenses related to a 2½-year period of computer hacking which included computer and wire fraud. He was found with cloned cellular phones, more than 100 clone cellular phone codes, and multiple pieces of false identification.
Mitnick was charged with wire fraud (14 counts), possession of unauthorized access devices (8 counts), interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer.
In 1999, Mitnick pleaded guilty to four counts of wire fraud, two counts of computer fraud and one count of illegally intercepting a wire communication, as part of a plea agreement before the United States District Court for the Central District of California in Los Angeles. He was sentenced to 46 months in prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into Pacific Bell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Lewis De Payne.
Mitnick served five years in prison--four and a half years pre-trial and eight months in solitary confinement--because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone", meaning that law enforcement told the judge that he could somehow dial into the NORAD modem via a payphone from prison and communicate with the modem by whistling to launch nuclear missiles. In addition, a number of media outlets reported on the unavailability of Kosher meals at the prison where he was incarcerated.
He was released on January 21, 2000. During his supervised release, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Mitnick fought this decision in court, eventually winning a ruling in his favor, allowing him to access the Internet. Under the plea deal, Mitnick was also prohibited from profiting from films or books based on his criminal activity for seven years, under a special judicial Son of Sam law variation.
In December 2002, an FCC Judge ruled that Mitnick was sufficiently rehabilitated to possess a federally issued amateur radio license. Mitnick now runs Mitnick Security Consulting LLC, a computer security consultancy and is part owner of KnowBe4, provider of an integrated platform for security awareness training and simulated phishing testing.
Controversy
Mitnick's criminal activities, arrest, and trial, along with the associated journalism, were all controversial. Though Mitnick has been convicted of copying software unlawfully, his supporters argue that his punishment was excessive and that many of the charges against him were fraudulent and not based on actual losses.
In his 2002 book, The Art of Deception, Mitnick states that he compromised computers solely by using passwords and codes that he gained by social engineering. He claims he did not use software programs or hacking tools for cracking passwords or otherwise exploiting computer or phone security.
John Markoff and Tsutomu Shimomura, who had both been part of the pursuit, wrote the book Takedown about Mitnick's capture.
Jonathan Littman wrote The Fugitive Game in response, alleging:
- Journalistic impropriety by Markoff, who had covered the case for The New York Times, based on rumor and government claims, while never interviewing Mitnick himself;
- Overzealous prosecution of Mitnick by the government;
- Mainstream media over-hyping Mitnick's actual crimes;
- Shimomura's involvement in the matter being unclear or of dubious legality.
Further controversy came over the release of the movie Takedown (titled Track Down in certain locations), based on the book by John Markoff and Tsutomu Shimomura, with Littman alleging that portions of the film were taken from his book without permission. The case against Mitnick tested the new laws that had been enacted for dealing with computer crime, and it raised public awareness of security involving networked computers. The controversy remains, however, and the Mitnick story is often cited today as an example of the influence that mainstream newspapers can have on the law enforcement personnel.
Consulting
Since 2000, Mitnick has been a paid security consultant, public speaker and author. He does security consulting for Fortune 500 companies and the FBI, performs penetration testing services for the world's largest companies and teaches Social Engineering classes to dozens of companies and government agencies.
Maps Kevin Mitnick
Media
In 2000, Skeet Ulrich and Russell Wong portrayed Kevin Mitnick and Tsutomu Shimomura in the movie Track Down (known as Takedown outside the USA), which was based on the book Takedown by John Markoff and Tsutomu Shimomura. The DVD was released in September 2004. A documentary named Freedom Downtime was produced by 2600: The Hacker Quarterly in response to Takedown.
On August 18, 2011, Mitnick appeared on The Colbert Report to talk about his new book, Ghost in the Wires. On August 23, Mitnick was interviewed on Coast to Coast AM during the episode "Hacking & Technology". On August 24, he appeared on the TWiT.tv network's Triangulation episode.
On September 12, 2011, Mitnick answered readers' questions on the technology news site Slashdot. This was the second time he was interviewed on Slashdot, the first time being in February 2003.
Mitnick's story was a partial inspiration for Wizzywig, Ed Piskor's graphic novel about hackers.
Mitnick also appeared in Werner Herzog's documentary Lo and Behold, Reveries of the Connected World (2016).
Books
Written by Mitnick
Mitnick is the co-author, with William L. Simon and Robert Vamosi, of three computer security books and his autobiography:
- (2003) The Art of Deception: Controlling the Human Element of Security
- (2005) The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers'
- (2011) Ghost in the Wires: My Adventures as the World's Most Wanted Hacker
- (2017) The Art of Invisibility: The World's Most Famous Hacker Teaches You How to Be Safe in the Age of Big Brother and Big Data
Authorized by Mitnick
- (1996) The Fugitive Game: Online with Kevin Mitnick. In this book author Jonathan Littman presented Mitnick's account of his story, as John Markoff's book "Takedown" (1996) and Jeff Goodell's "Cyberthief and the Samurai" (1996) presented Shimomura's side (when Mitnick was legally unable to profit from his own story).
See also
- Kevin Poulsen
- "My kung fu is stronger than yours"
- List of computer criminals
- The Secret History of Hacking
- DEF CON
References
Bibliography
Books
Articles
External links
- Official website
- Kevin Mitnick interviewed on the TV show Triangulation on the TWiT.tv network
Source of article : Wikipedia