Intelligent Machines

The Talented Mr. Mitnick

A notorious hacker turns security guru.

From hijacked PCs that spew spam to denial-of-service attacks that crash Web servers, cyber-crime means billions of dollars a year in lost revenues and productivity. And no computer user is safe. “It’s not if,” says Kevin Mitnick, “it’s when are you going to get hacked.”

Mitnick should know. The former hacker perpetrated a series of high-profile corporate break-ins in the 1990s – and served five years in federal prison for it. Once the FBI’s most-wanted cyber-criminal, Mitnick is now one of the world’s most sought-after tech security consultants. “A few years back, companies spent more on coffee than on security,” he says. Now, they make security their top priority, hiring Mitnick to break into their systems, expose their weaknesses, and teach them how to protect themselves.

Hacking has been Mitnick’s priority ever since his teenage years in southern California. First telephone networks, then the Pentagon – then Nokia, Novell, and seemingly every other big company. Today’s laws on cyber-crime were practically invented because of Mitnick. His pranks earned him the respect of hackers as well as numerous arrests, culminating in his five-year prison stint. Mitnick spent eight months of that time in solitary confinement, he says, because the judge was told that Mitnick could start a nuclear war by calling up NORAD on a payphone and whistling modem tones into the receiver. His radio was seized for fear that he would turn it into a cell phone. Even using an electric typewriter in the prison library got him handcuffed and whisked away. “These guys were watching too much MacGyver,” he quips.

This story is part of our March 2005 Issue
See the rest of the issue
Subscribe

That was the turning point in his career. Since his release from prison in 2000, Mitnick has chosen to use his considerable skills to improve network security. Now 41 and sporting a decidedly buttoned-down look, Mitnick has made a guest appearance on the TV show Alias and earned honorable mentions in many other media outlets. Though he is often recognized as “that hacker guy” in airports and hotels, he says he registers under a fake name only at hacker conventions. But he doesn’t give out his private e-mail address or his city of residence; one can’t be too careful.

Indeed, the current pace of cyber-crime amazes even Mitnick. Last fall, he and Avantgarde, a tech marketing and design firm in San Francisco, hooked up six  computer platforms to the Internet via broadband DSL and recorded the cyber-attacks that occurred over a two-week period. It took less than four minutes for an automated attack to successfully break through the security defenses of one newly connected PC; most machines without an active firewall (a filter that screens suspicious code) faced more than 300 attacks per hour, while those with firewall protection faced fewer than four per hour. But  firewalls don’t protect against “social engineering,” a fancy term for conning users out of such sensitive information as passwords and PINs. The  idea that humans are the weak link in any security system was famously exploited by Mitnick in his glory days; he comes across as personable and authoritative, so it’s easy to see why people would give him information.

Mitnick’s case highlights a point that’s increasingly critical as more and more sensitive information and money change hands over the Internet: in his words, “Hacking is a skill set – how you use it is up to your ethics and morals.” And the arms race between malicious hackers and security experts will only escalate. “Computer systems are complex,” Mitnick says. “There will always be ways to break in.” Which means that no matter which side he is on – let’s hope it’s ours – Mitnick will always be in demand.

Become an MIT Technology Review Insider for in-depth analysis and unparalleled perspective.
Subscribe today

Uh oh–you've read all five of your free articles for this month.

Insider Premium

$179.95/yr US PRICE

More from Intelligent Machines

Artificial intelligence and robots are transforming how we work and live.

Want more award-winning journalism? Subscribe and become an Insider.

  • Insider Premium {! insider.prices.premium !}*

    {! insider.display.menuOptionsLabel !}

    Our award winning magazine, unlimited access to our story archive, special discounts to MIT Technology Review Events, and exclusive content.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

    First Look. Exclusive early access to stories.

    Insider Conversations. Join in and ask questions as our editors talk to innovators from around the world.

  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus ad-free web experience, select discounts to partner offerings and MIT Technology Review events

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

    Access to the Magazine archive. Over 24,000 articles going back to 1899 at your fingertips.

    Special Discounts to select partner offerings

    Discount to MIT Technology Review events

    Ad-free web experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning magazine and daily delivery of The Download, our newsletter of what’s important in technology and innovation.

    See details+

    What's Included

    Bimonthly home delivery and unlimited 24/7 access to MIT Technology Review’s website.

    The Download. Our daily newsletter of what's important in technology and innovation.

You've read of free articles this month.