Kevin Mitnick
Kevin Mitnick
Kevin David Mitnickis an American computer security consultant, author and hacker, best known for his high-profile 1995 arrest and later five years in prison for various computer and communications-related crimes...
NationalityAmerican
ProfessionBusinessman
Date of Birth6 August 1963
CountryUnited States of America
american-celebrity human message primary social speaking threat today
My message today is primary the same... I usually go around speaking on the threat of the human element, particularly on social engineering.
appearing authority certain convince engineer fear figure mental people perceived prone social taking
People are prone to taking mental shortcuts. They may know that they shouldn't give out certain information, but the fear of not being nice, the fear of appearing ignorant, the fear of a perceived authority figure - all these are triggers, which can be used by a social engineer to convince a person to override established security procedures.
acceptable basically break computer intrigued judgment poor security socially solving
It's still basically just solving a puzzle, ... Years ago, with poor judgment, I was intrigued to break through security on computer systems. Now I do it with the client's permission, for socially acceptable reasons.
engineering able social
Both social engineering and technical attacks played a big part in what I was able to do. It was a hybrid. I used social engineering when it was appropriate, and exploited technical vulnerabilities when it was appropriate.
veils social cloaks
Social engineers veil themselves in a cloak of believability.
books books-and-reading case criminal dealing higher information priorities time
At the time the books were released, I was in custody, so I had higher priorities - dealing with my criminal case - than dealing with litigation. There's a lot of information out there that is inaccurate.
companies needed spend train walls
A lot of companies are clueless, because they spend most or all of their security budget on high-tech security like fire walls and biometric authentication - which are important and needed - but then they don't train their people.
businesses deployed detection devices happens products secure site smaller standard stronger system
What happens with smaller businesses is that they give in to the misconception that their site is secure because the system administrator deployed standard security products - firewalls, intrusion detection systems, or stronger authentication devices such as time-based tokens or biometric smart cards. But those things can be exploited.
certain companies found kid phone quite throughout united
I don't know the capabilities of our enemies. But I found it quite easy to circumvent security at certain phone companies throughout the United States. So if an inquisitive kid can do it, why can't a cyberterrorist do it?
asks favor involving somebody verify
When somebody asks for a favor involving information, if you don't know him or can't verify his identity, just say no.
The Internet is like the phone. To be without it is ridiculous.
Not being allowed to use the Internet is kind of like not being allowed to use a telephone.
hacking hooked
I was hooked in before hacking was even illegal.
I was an accomplished computer trespasser. I don't consider myself a thief.