Kevin Mitnick

Last updated

Kevin Mitnick
Kevin Mitnick ex hacker y ahora famoso consultor en redes en Campus Party Mexico 2010.jpg
Mitnick in 2010
Born
Kevin David Mitnick

(1963-08-06)August 6, 1963
Los Angeles, California, U.S.
DiedJuly 16, 2023(2023-07-16) (aged 59)
Pittsburgh, Pennsylvania, U.S.
Other namesThe Condor, The Darkside Hacker
Occupations
Organizations
  • Mitnick Security Consulting
  • Chief Hacking Officer at KnowBe4, Inc
Board member ofKnowBe4
Criminal charge(s)1995: Wire fraud (14 counts), possession of unauthorized access devices (8 counts), interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer [1] [2]
Criminal penalty
  • 1988: One year prison [3]
  • 1999: 46 months prison plus 3 years probation
Spouse
Kimberley Mitnick
(m. 2022)
Call signN6NHG [4]
Website www.mitnicksecurity.com

Kevin David Mitnick (August 6, 1963 – July 16, 2023) was an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes. [5] Mitnick's pursuit, arrest, trial, and sentence along with the associated journalism, books, and films were all controversial. [6] [7] After his release from prison, he ran his own security firm, Mitnick Security Consulting, LLC, and was also involved with other computer security businesses.

Contents

Early life and education

Mitnick was born on August 6, 1963, [8] in Van Nuys, Los Angeles, California. [9] His father was Alan Mitnick, his mother was Shelly Jaffe, and his maternal grandmother was Reba Vartanian. [10] [11] He grew up in Los Angeles, California. [8] At age 12, Mitnick convinced a bus driver to tell him where he could buy his own ticket punch for "a school project", and was then able to ride any bus in the greater Los Angeles area using unused transfer slips he found in a dumpster next to the bus company garage. [12]

Mitnick attended James Monroe High School in North Hills, [13] [14] during which time he became a licensed amateur radio operator with callsign WA6VPS [15] (his license was restored after imprisonment with callsign N6NHG [16] ). He chose the nickname "Condor" after watching the movie Three Days of the Condor . [17] He was later enrolled at Los Angeles Pierce College and USC. [13]

Career

For a time, Mitnick worked as a receptionist for Stephen S. Wise Temple in Los Angeles. [13]

Computer hacking

Mitnick gained unauthorized access to a computer network in 1979, at 16, when a friend gave him the telephone number for the Ark, the computer system that Digital Equipment Corporation (DEC) used for developing its RSTS/E operating system software. [18] He broke into DEC's computer network and copied the company's software, a crime for which he was charged and convicted in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voicemail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two-and-a-half years. [19]

According to the United States Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. [20] [21] Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private emails. [21] [22]

Arrest, conviction, and incarceration

Supporters from 2600 Magazine distributed "Free Kevin" bumper stickers. Free Kevin sticker.svg
Supporters from 2600 Magazine distributed "Free Kevin" bumper stickers.

After a well-publicized pursuit, the Federal Bureau of Investigation arrested Mitnick on February 15, 1995 at his apartment in Raleigh, North Carolina, on federal offenses related to a two-and-a-half-year period of computer hacking that included computer and wire fraud. [24] [25] He was found with cloned cell phones, more than 100 cloned cellular phone codes, and multiple pieces of false identification. [26]

In December 1997, the Yahoo! Web site was hacked, displaying a message calling for Mitnick's release. According to the message, all recent visitors of Yahoo!'s site had been infected with a computer worm that would wreak havoc on Christmas Day unless Mitnick was released. Yahoo! dismissed the claims as a hoax and said that the worm was nonexistent. [27] [28]

In 1998, Mitnick was charged in the United States District Court for the Central District of California with 14 counts of wire fraud, eight counts of possession of unauthorized access devices, interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer. [29] As part of a plea bargain, Mitnick pleaded guilty in 1999 to four counts of wire fraud, two counts of computer fraud, and one count of illegally intercepting a wire communication. U.S. district judge Mariana Pfaelzer sentenced Mitnick to 46 months in federal prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into Pacific Bell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Lewis De Payne. [1] [30] [31] He was diagnosed with Asperger syndrome, but it was not used as evidence because he pleaded guilty before going to trial. [32]

Mitnick served five years in prison—four-and-a-half years' pre-trial and eight months in solitary confinement, because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistling into a pay phone", [33] implying that law enforcement told the judge that he could somehow dial into the NORAD modem via a payphone from prison and communicate with the modem by whistling to launch nuclear missiles. [34] In addition, a number of media outlets reported on the unavailability of kosher meals at the prison where he was incarcerated. [35]

Mitnick was released from prison on January 21, 2000. During his supervised release period, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. [36] Under the plea deal, Mitnick was also prohibited from profiting from films or books based on his criminal activity for seven years, under a variation of the Son of Sam law. [37]

In December 2001, a Federal Communications Commission (FCC) judge ruled that Mitnick was sufficiently rehabilitated to possess a federally issued amateur radio license. [38]

Controversy

Mitnick's criminal activities, arrest, and trial, along with the associated journalism, were all controversial. [6] Though Mitnick was convicted of copying software unlawfully, [39] his supporters argue that his punishment was excessive and that many of the charges against him were fraudulent [40] and not based on actual losses. [41]

John Markoff and Tsutomu Shimomura, who had both been part of the pursuit of Mitnick, wrote the book Takedown about Mitnick's capture. [42]

The case against Mitnick tested the new laws that had been enacted for dealing with computer crime and it raised public awareness of security involving networked computers. The controversy remains, however, and the Mitnick story is often cited today as an example of the influence that newspapers and other media outlets can have on law enforcement personnel. [43]

Consulting

After his release in 2000, Mitnick became a paid security consultant, public speaker, and author. He carried out security consulting for, performed penetration testing services, and taught social engineering classes to companies and government agencies. He ran Mitnick Security Consulting LLC, a computer security consultancy and was part owner of KnowBe4, provider of an integrated platform for security awareness training and simulated phishing testing, [44] [45] as well as an active advisory board member at Zimperium, [46] a firm that develops a mobile intrusion prevention system. [47] He resided in Las Vegas, Nevada. [48]

Death

Kevin Mitnick died from pancreatic cancer on July 16, 2023, at the age of 59 at a Pittsburgh, Pennsylvania hospital. [10] At the time of his death, he was married and his wife was pregnant with his first child. [8] [10] [49] [50]

Media

Adrian Lamo, Kevin Mitnick, and Kevin Poulsen (photo c. 2001) Lamo-Mitnick-Poulsen.png
Adrian Lamo, Kevin Mitnick, and Kevin Poulsen (photo c. 2001)

In 2000, Skeet Ulrich and Russell Wong portrayed Mitnick and Tsutomu Shimomura, respectively, in the movie Track Down (known as Takedown outside the US), which was based on the book Takedown by John Markoff and Shimomura. The DVD was released in September 2004. [51]

Mitnick also appeared in Werner Herzog's documentary Lo and Behold, Reveries of the Connected World (2016). [52]

Books

Written by Mitnick

Mitnick is the co-author, with William L. Simon and Robert Vamosi, of four books, three on computer security and an autobiography:

Authorized by Mitnick

See also

Related Research Articles

Tsutomu Shimomura is a Japanese-born physicist and computer security expert. He is known for helping the FBI track and arrest hacker Kevin Mitnick. Takedown, his 1996 book on the subject with journalist John Markoff, was later adapted for the screen in Track Down in 2000.

<span class="mw-page-title-main">John Markoff</span> American journalist

John Gregory Markoff is a journalist best known for his work covering technology at The New York Times for 28 years until his retirement in 2016, and a book and series of articles about the 1990s pursuit and capture of hacker Kevin Mitnick.

<span class="mw-page-title-main">Social engineering (security)</span> Psychological manipulation of people into performing actions or divulging confidential information

In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. It has also been defined as "any act that influences a person to take an action that may or may not be in their best interests."

Freedom Downtime is a 2001 documentary film sympathetic to the convicted computer hacker Kevin Mitnick, directed by Emmanuel Goldstein and produced by 2600 Films.

<span class="mw-page-title-main">Kevin Poulsen</span> American computer hacker

Kevin Lee Poulsen is an American former black-hat hacker and a contributing editor at The Daily Beast.

A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system or network. Hackers may be motivated by a multitude of reasons, such as profit, protest, information gathering, challenge, recreation, or evaluation of a system weaknesses to assist in formulating defenses against potential hackers.

<i>Track Down</i> 2000 film by Joe Chappelle

Track Down is a 2000 American crime thriller film based on the non-fiction book Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw—By the Man Who Did It by Tsutomu Shimomura and John Markoff, about the manhunt for computer hacker Kevin Mitnick. It is directed by Joe Chappelle, with a screenplay by Howard A. Rodman, John Danza, and David & Leslie Newman. The film stars Skeet Ulrich as Mitnick and Russell Wong as Shimomura, with Angela Featherstone, Donal Logue, Christopher McDonald, Master P, and Tom Berenger.

globalHell was a group of hackers. The group disbanded in 1999 due to being prosecuted for computer intrusion. The combined losses were estimated to be ranged between $1.5m and $2.5m. They were one of the first hacking groups who gained notoriety for website defacements and breaches. It is called a "cybergang" as it had many of the same characteristics of a gang, such as the organizational structure. They carried out some of the same activities as a gang, including trafficking in stolen credit card numbers.

<span class="mw-page-title-main">Jeremy Hammond</span> American political activist and hacker

Jeremy Hammond, alias sup_g, is an American anarchist activist and former computer hacker from Chicago. He founded the computer security training website HackThisSite in 2003. He was first imprisoned over the Protest Warrior hack in 2005 and was later convicted of computer fraud in 2013 for hacking the private intelligence firm Stratfor and releasing data to WikiLeaks, and sentenced to 10 years in prison.

Ehud "Udi" Tenenbaum, also known as The Analyzer, is an Israeli hacker.

Justin Tanner Petersen was an American hacker, concert promoter, sound engineer, private investigator and an informant for the Federal Bureau of Investigation. While tasked with helping to catch other hackers and fugitives wanted by the FBI, he continued to commit serious crimes.

Cameron LaCroix, aka camo, cam0, camZero, cmuNNY, is an American computer hacker best known for the hacking of Paris Hilton's cellular phone, accessing LexisNexis, and defacing Burger King's Twitter account. He has also been convicted of intentionally causing damage to a protected computer system, obtaining information from a protected computer system, wire fraud, and aggravated identity fraud. Prosecutors said victims of the teen's actions have suffered about $1 million in damages. Pursuant to a plea agreement signed by the juvenile in August 2005, he received 11 months in a federal juvenile detention facility. In January 2007 his supervised release was revoked due to possession of a cell phone.

Max Ray Vision is a former computer security consultant and hacker who served a 13-year prison sentence, the longest sentence ever given at the time for hacking charges in the United States. He was convicted of two counts of wire fraud, including stealing nearly 2 million credit card numbers and running up about $86 million in fraudulent charges.

<span class="mw-page-title-main">Federal Correctional Institution, Fort Dix</span> Federal prison in Fort Dix, New Jersey

The Federal Correctional Institution, Fort Dix is a low-security United States federal prison for male offenders in New Jersey. It is operated by the Federal Bureau of Prisons. A satellite prison camp houses minimum-security male inmates.

The Secret History of Hacking is a 2001 documentary film that focuses on phreaking, computer hacking and social engineering occurring from the 1970s through to the 1990s. Archive footage concerning the subject matter and graphical imagery specifically created for the film are voiced over with narrative audio commentary, intermixed with commentary from people who in one way or another have been closely involved in these matters.

<span class="mw-page-title-main">Roman Seleznev</span> Russian computer hacker

Roman Valerevich Seleznev, also known by his hacker name Track2, is a Russian computer hacker. Seleznev was indicted in the United States in 2011, and was convicted of hacking into servers to steal credit-card data. His activities are estimated to have caused more than $169 million in damages to businesses and financial institutions. Seleznev was arrested on July 5, 2014, and was sentenced to 27 years in prison for wire fraud, intentional damage to a protected computer, and identity theft.

"My kung fu is stronger than yours" or "wǒ de gōng fū bǐ nǐ de gōng fū gèng qiáng" is a popular cultural trope and catchphrase, originally referring to the clichéd plots of martial arts films. The phrase is also rendered as "My kung fu is better than yours", "My kung fu is stronger than your kung fu", "My kung fu is the best", etc.

<span class="mw-page-title-main">Carding (fraud)</span> Crime involving the trafficking of credit card data

Carding is a term of the trafficking and unauthorized use of credit cards. The stolen credit cards or credit card numbers are then used to buy prepaid gift cards to cover up the tracks. Activities also encompass exploitation of personal data, and money laundering techniques. Modern carding sites have been described as full-service commercial entities.

References

  1. 1 2 Gengler, Barbara (1999). "Super-hacker Kevin Mitnick takes a plea". Computer Fraud & Security. 1999 (5): 6. doi:10.1016/S1361-3723(99)90141-0.
  2. "Kevin Mitnick's Federal Indictment". sourcedns.com. Archived from the original on May 18, 2014. Retrieved September 13, 2014.
  3. "#089 Fugitive Computer Hacker Arrested in North Carolina". justice.gov. Archived from the original on June 13, 2013.
  4. "HEARING DESIGNATION ORDER (FCC 01-359)" (PDF). Federal Communications Commission. December 21, 2001. Archived (PDF) from the original on August 3, 2015. Retrieved December 3, 2015.
  5. "Kevin Mitnick sentenced to nearly four years in prison; computer hacker ordered to pay restitution to victim companies whose systems were compromised". justice.gov (Press release). United States Attorney's Office, Central District of California. August 9, 1999. Archived from the original on June 13, 2013.
  6. 1 2 Kroll, Jason (January 21, 2000). "Free Kevin, Kevin Freed". Linux Journal. Archived from the original on December 7, 2017.
  7. "Ex-hacker reveals tricks of the trade". AsiaOne Digital. Archived from the original on July 23, 2015.
  8. 1 2 3 Cho, Kelly Kasulis (July 20, 2023). "Kevin Mitnick, hacker and fugitive turned security consultant, dies at 59". The Washington Post . Archived from the original on July 20, 2023. Retrieved July 20, 2023.
  9. Hackers League (May 31, 2019). "Kevin Mitnick". Medium . Archived from the original on July 20, 2023. Retrieved July 20, 2023.
  10. 1 2 3 Albeck-Ripka, Livia; Mayorquin, Orlando (July 20, 2023). "Kevin Mitnick, Hacker Who Once Eluded Authorities, Is Dead at 59". The New York Times . Archived from the original on July 21, 2023. Retrieved July 21, 2023.
  11. "Freedom Downtime - The Story of Kevin Mitnick (2001)". CosmoLearning. August 20, 2009. Retrieved September 6, 2023.
  12. Greene, Thomas C. (January 13, 2003). "Chapter One: Kevin Mitnick's story". The Register . Archived from the original on September 12, 2012.
  13. 1 2 3 4 Mitnick, Kevin; Simon, William L. (2011). Ghost in the Wires: My Adventures as the World's Most Wanted Hacker. Little, Brown and Company. ISBN   978-0-316-03770-9. Archived from the original on November 4, 2011. Retrieved August 27, 2019.
  14. "Hacker Arraigned in Computer Fraud Case". Los Angeles Times . October 1, 1996. Archived from the original on July 20, 2023. Retrieved July 20, 2023. ... as a student at James Monroe High School in North Hills, he broke into the Los Angeles Unified School District's computers.
  15. Mills, Elinor (June 22, 2009). "Q&A: Kevin Mitnick, from ham operator to fugitive to consultant". cnet.com. CNET. Archived from the original on December 28, 2017. Retrieved December 18, 2017.
  16. "Mitnick Granted Ham License". Wired . December 27, 2002. Retrieved August 3, 2023.{{cite magazine}}: Unknown parameter |agency= ignored (help)
  17. Poole, Hilary W.; Lambert, Laura; Woodford, Chris; Moschovitis, Christos J. P. (2005). The Internet : a historical encyclopedia. Santa Barbara, California: ABC-Clio. ISBN   1-85109-664-7. OCLC   62211803. Archived from the original on July 20, 2023. Retrieved June 21, 2022.
  18. "The Missing Chapter from The Art of Deception by Kevin Mitnick". thememoryhole.org. Archived from the original on March 17, 2009. Retrieved February 16, 2020.
  19. Johnson, John; Ostrow, Ronald J.; Meyer, Josh (February 16, 1995). "Fugitive North Hills Hacker Arrested in N. Carolina : Crime: Kevin Mitnick eluded authorities for two years. He is alleged to have cost victims millions". Los Angeles Times. Archived from the original on June 27, 2023. Retrieved July 20, 2023.
  20. Tamaki, Julie (September 27, 1996). "Famed Hacker Is Indicted by U.S. Grand Jury". Los Angeles Times. Retrieved July 22, 2023.
  21. 1 2 Rose, E. Brian (December 1, 2015). Millionaire Within: Untold Stories from the Internet Underworld. Morgan James Publishing. p. 22. ISBN   978-1-63047-346-4.
  22. Byrne, Michael (September 27, 2014). "Kevin Mitnick Offers a Peek Inside the Cryptic Zero-Day Marketplace". Vice. Retrieved July 22, 2023.
  23. "Freedom Downtime - The Story of Kevin Mitnick". archive.org. October 23, 2016. Retrieved May 14, 2019.
  24. "Fugitive computer hacker arrested in North Carolina". usdoj.gov (Press release). United States Department of Justice. February 15, 1995. Archived from the original on June 29, 2012.
  25. The Colbert Report [ not specific enough to verify ]
  26. Painter, Christopher M. E. (March 2001). "Supervised Release and Probation Restrictions in Hacker Cases" (PDF). United States Attorneys' USA Bulletin. 49 (2). Executive Office for United States Attorneys. Archived (PDF) from the original on July 21, 2015. Retrieved April 19, 2015.
  27. "Yahoo Hack: Heck of a Hoax". Wired . December 9, 1997.
  28. Original text posted to Yahoo's website at archive.org
  29. Hesseldahl, Arik (September 4, 1998). "Hacker Can't Get Access". Wired via wired.com.
  30. "Computer Hacker Kevin Mitnick Sentenced to Prison". fas.org. Federation of American Scientists. June 27, 1997. Archived from the original on April 15, 2019. Retrieved February 16, 2020.
  31. "Kevin Mitnick sentenced to nearly four years in prison; computer hacker ordered to pay restitution to victim companies whose systems were compromised". usdoj.gov. United States Attorney's Office, Central District of California, U.S. Department of Justice. August 9, 1999. Archived from the original on September 26, 2009.
  32. Hess, Ken (September 12, 2011). "Ghost in the Wires: The Kevin Mitnick Interview". ZDNET . Archived from the original on November 5, 2022. Retrieved November 5, 2022.
  33. Mills, Elinor (July 20, 2008). "Social Engineering 101: Mitnick and other hackers show how it's done". CNET . Archived from the original on July 13, 2012.
  34. "Famed hacker to Snowden: Watch out". CNN . Archived from the original on March 30, 2022. Retrieved May 8, 2020.
  35. "Life Not Kosher for Mitnick". Wired. August 18, 1999. Archived from the original on September 18, 2012.
  36. Bowker, Art. "Hackers, Sex Offenders, and All the Rest". corrections.com. Archived from the original on September 14, 2018. Retrieved September 14, 2018.
  37. "World's most famous hacker Kevin Mitnick to speak at ULM Business Symposium". ulm.edu. Archived from the original on December 8, 2022. Retrieved July 20, 2023.
  38. "F.C.C. Lets Convicted Hacker Go Back on Net". The New York Times . December 27, 2002.
  39. Miller, Greg (March 27, 1999). "Judge Accepts Mitnick's Guilty Plea on 7 Counts". Los Angeles Times . Archived from the original on April 15, 2019. Retrieved February 16, 2020.
  40. Randolph, Donald C. "About Kevin's Case". Free Kevin Mitnick. Archived from the original on April 24, 2006.
  41. "Defense consolidated motion for sanctions and for reconsideration of motion for discovery and application for expert fees based upon new facts". Free Kevin Mitnick. June 7, 1999. Archived from the original on December 22, 2005.
  42. Shimomura, Tsutomo; Markoff, John (1996). Takedown: The Pursuit and Capture of Kevin Mitnick, America's Most Wanted Computer Outlaw - By the Man Who Did It. Hyperion. ISBN   978-0786862108.
  43. Christensen, John (March 18, 1999). "The trials of Kevin Mitnick". Archived from the original on December 8, 2018. Retrieved December 11, 2018.
  44. Noory, George (January 7, 2019). "Cybercrime & Security". Coast to Coast AM . Archived from the original on January 8, 2019. Retrieved January 8, 2019.
  45. KnowBe4. "Kevin Mitnick Partners With KnowBe4". prnewswire.com (Press release). Retrieved April 18, 2020.{{cite press release}}: CS1 maint: numeric names: authors list (link)
  46. Darlene Storm (July 19, 2012). "Interview: World's most famous hacker, Kevin Mitnick, on mobile security & Zimperium". Computerworld. Archived from the original on December 26, 2013.
  47. Alex Williams (December 20, 2013). "Zimperium Raises $8M For Mobile Security That Turns The Tables On Attackers". TechCrunch. AOL. Archived from the original on August 13, 2017. Retrieved June 25, 2017.
  48. "Kevin Mitnick's Security Advice". Wired . November 15, 2006.
  49. "Kevin David Mitnick". Dignity Memorial. Archived from the original on July 20, 2023. Retrieved July 20, 2023.
  50. "Famed Hacker Kevin Mitnick Dead at 59". SecurityWeek News. July 20, 2023. Archived from the original on July 20, 2023. Retrieved July 20, 2023.
  51. "Takedown". tcm.com. Archived from the original on March 7, 2023. Retrieved July 20, 2023.
  52. Security, Mitnick. "Lo and Behold". mitnicksecurity.com. Archived from the original on July 20, 2023. Retrieved July 20, 2023.
  53. Mitnick, Kevin; Simon, William L. (October 2003). The Art of Deception: Controlling the Human Element of Security. Wiley Books. ISBN   978-0-7645-4280-0. Archived from the original on April 25, 2011. Retrieved January 14, 2009.
  54. Mitnick, Kevin; Simon, William L. (December 27, 2005). The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers. Wiley Books. ISBN   978-0-7645-6959-3. Archived from the original on May 14, 2011. Retrieved January 14, 2009.
  55. Mitnick, Kevin; Vamosi, Robert (February 2017). The Art of Invisibility. Little, Brown and Company. ISBN   978-0-3163-8049-2. Archived from the original on July 2, 2019. Retrieved July 2, 2019.
  56. Cohn, Scott (July 26, 2016). "Greed Report: These White-Collar Manhunts Will Make Your Head Spin". CNBC. Archived from the original on February 24, 2023. Retrieved July 20, 2023.

Bibliography

Movies

Books

Articles

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.