http://www.washingtonpost.com/wp-dyn/articles/A34488-2002Oct2.html By Brian Krebs washingtonpost.com Staff Writer Wednesday, October 2, 2002; 6:15 PM The average U.S. corporation spends a small fortune each year constructing a virtual fortress around its information assets, but no security technology can prevent an unsuspecting employee from being duped into letting the enemy in through the front gate. In their new book, "The Art of Deception," legendary hacker Kevin Mitnick and co-author William Simon explore the vulnerabilities companies forget to guard against in their race to protect their networks against hackers. Mitnick is a master of the territory. He has about four months left of a three-year probation that prevents him from using e-mail or the Internet. He went to jail in 1995 for hacking into telephone companies and stealing secret code from software industry titans. The 38-year-old Mitnick -- who has reinvented himself as a security consultant -- rarely targeted computer systems during his days as a hacker. Insteaad, he broke into networks by tricking their users into divulging key information. Mitnick now teaches companies how to spot gifted information thieves and their clever cons. In his heyday, Mitnick usually could get the information he wanted simply by asking for it, he said. Armed with the proper lingo, knowledge of internal procedures, or data only employees would know, he would assume the identity of an insider making routine inquiries, and he warns that this type of human threat is often overlooked. "Most people are basically trusting and can be manipulated based on their curiosity and their willingness to be liked and helpful," Mitnick said in an interview. Mitnick says he's looking forward to finally being off probation, but admits he doesn't really know what he's missing when it comes to the World Wide Web. At the time of his incarceration seven years ago, Netscape's Internet browser had only just been introduced. "I never knew the Internet as it exists today, so it's not like I had a taste of it and wanted to go back," he said. "But it would be nice to use e-mail normally." He writes and reads e-mails, but he doesn't hit the "send" button himself. Instead, an associate in his office acts as an e-mail intermediary. As he awaits the end of his probation, Mitnick is trying to stave off legal bills with his new business -- and maybe a Hollywood movie deal. He's also using eBay. Mitnick is using eBay to auction an old Toshiba laptop that was seized by the FBI in 1995. The autographed laptop -- relieved of its former contents and sporting a brand new copy of Windows 95 -- has received bids as high as $9,200. The reserve price has not yet been met. - ISN is currently hosted by Attrition.org To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Thu Oct 03 2002 - 03:02:14 PDT