Mitnick Security Consulting, LLC is a full-service information security consulting firm. Founded by Kevin Mitnick, Mitnick Security Consulting offers a comprehensive range of services to help businesses protect their valuable assets. read more »
JULY 2012: The last 8 months Kevin has been working hard on a brand new Security Awareness Training course co-authored with leading security training company KnowBe4, LLC. He is excited that this is now released and you can find information and a demo at KnowBe4.
Kevin's new book: Ghost in the Wires
Kevin Mitnick, the world's most wanted computer hacker, managed to hack into some of the country's most powerful—and seemingly impenetrable—agencies and companies. By conning employees into giving him private information and maneuvering through layers of security, he gained access to data that no one else could.
Praise from Publisher's Weekly
"It's the piquant human element that really animates this rollicking memoir of high-tech skullduggery. Mitnick (The Art of Deception) recounts his epic illegal computer hacks of Sun Microsystems, Digital Equipment Corporation, and any number of cellphone makers; his exploits triggered a manhunt that made headlines. He insists he did it not for money but for the transgressive thrill of looking at big, secret computer programs--otherwise he apparently lived a threadbare existence on the lam--and the claim rings true; there's something obsessive and pure about his need to hack and brag about it to others, habits which eventually brought about his downfall." Read more here »
"Kevin Mitnick, world renowned hacker and security expert, entranced an audience of over 1500, including 1000 US Naval Academy Midshipmen, at the United States Naval Institute’s Conference on cyber security. His presentation explained the dangers of social engineering and how individuals can reduce the risks having their personal information and online accounts stolen. During his demonstration, he showed how readily information can be gathered by hackers using perfectly legal means from any organization’s forward facing servers. He additionally showed a Midshipman how easily he could, through readily accessible and legal means, obtain personal information stored on the Internet.
Mitnick was exciting and provided real-world information that not only informed but entertained the audience. He left the Academy a buzz as word of his presentation spread and had the Midshipmen asking for additional sessions with him!"
CAPT Steven "Doc" Simon, USN
Director, Cyber Security Center
United States Naval Academy
December 10, 2012
"We have been fortunate enough to work with Kevin over the past 3 years. I am consistently amazed at the quality of work from him and his team. We have used a number of third parties for various security tests over the years. Kevin's thoroughness and breadth of knowledge is unsurpassed. Kevins results are not just a finding on a report. He shows you how it could be exploited. Working for a software company it can sometimes be tough to convince development staff that a finding is really an issue. It is extremely powerful when Kevin and his team not only puts it in the report but sets up an example and shows the staff what could happen. This past year we had Kevin perform his testing and then follow up with a presentation to the entire organization. Kevin is not just a brilliant security tester. He is a very engaging and effective speaker. Kevin was able to mix stories from his past with stories from our organization and come up with the most effective security presentation I have ever seen. At many organizations security is just something that we have to do. In our company our employees understand the threat because they have seen it. This is a testament to the work that Kevin has done over the past few years for us."
Joel – Chief Security Officer – Financial Services company
"It is not what you know that is scary, it's what you don't know and Kevin Mitnick has a presentation that will demonstrate just how ignorant you are. If you need to put the fear of god into your C-Level co-workers or motivate your directors to approve your security budget, I would suggest that you have them attend his highly interactive and entertaining demonstration.
Kevin starts his show by demonstrating some fairly straight forward hacks. With multiple monitors set up, Kevin demonstrates a user opening a PDF file—with no tipoff to the user, Kevin takes control of the targeted PC. He repeats the demo with an IM message and then a flash drive. Think you have USB devices locked down? I did until Kevin showed a modified Flash Drive that looks like a "Human Interface Device". It emulates a keyboard and is programmed to surreptitiously "type" input on command.
Thank goodness you think, "well, at least my building is physically locked down and secure". Not for Kevin. Another demo showed how quickly many proximity cards can be copied and cloned just by walking by someone who has access to the door that you desire to enter.
Kevin spends quite a bit of time discussing "social engineering" and the fact that successful attacks almost always take advantage of people. Whether it is following human nature by holding a controlled door open for someone with a heavy package, or the stupidity of your receptionist who gives a password to a stranger posing as IT support, the technical side of attacks is only the tools. The simple fact is that the most vulnerable link in security is people. We object to security because security is almost always a tradeoff versus convenience. Further, far too rarely do we question the people and events happening around us. We let our guard down thinking it can't happen because it hasn't happened. Perhaps the only reason it hasn't happened is because you, up until now, have been lucky. See Kevin and bring the leadership of your company. At the very least it is an eye opener. At best, maybe a future hacker will decide you are just too well informed to attack."
-Steven L. Susman, Director-Information Technology, Manager-Engineered Systems, Supreme Security Systems, Inc.
"The Webinar [on social engineering] with Kevin was fantastic and we have received lots of positive feedback about the event. Kevin is a great speaker with tons of wit and a flair for making points thoughtfully."
-Shane Westcott, Manager, Technology Support, Calgary Board of Education
"I think I speak for everyone when I say that Kevin delivered 100% today... He was engaging, entertaining, informative, and the response has been very good top to bottom. Beyond the presentation, he went above and beyond given the obstacles that were thrown at him by the venue... He deserves much credit for being flexible, open, and able to adapt, to what I am sure he will tell you, might be his most challenging presentation [situation] ever. [Our] Senior Leadership Team (President included) enjoyed the presentation and lunch where he was certainly the star. We hope that you can pass on our sincere thanks for a job well done."
- Feedback on a speech in May 2011 for a confidential company
"We were so lucky to have Kevin in our Conference! You were rated the best speaker of the whole seminar with an average score of 4.4 out of 5 points -- our audience found your content to be brilliant, breathtaking and hair-raising. Excellent job."
- Kirsi Antola, Talentum Events Oy, Helsinki, Finland (November 2010)
"I wanted to take a moment to express my deepest gratitude all of your hard work. I have worked for this company for 15 years. In that time, I have seen lectures given by vice presidents, heads of state, senators, legendary theoretical physicists and even financial gurus; however, your presentation was the first time I have seen our employees rush the stage to meet the speaker. In the last three days, I have received many requests from our employees asking if they can view the presentation again... I have received nothing but accolades on your presentation. You truly captured our audience and made IT Security awareness interesting and entertaining."
Feedback on a speech on September 16th, 2010 for a confidential government agency
"Kevin's presentation was fantastic and he was delightful to work with—very accommodating and very gracious!"
June 2, 2010
"We were delighted to bring Kevin back for a second appearance at our annual event—and he did a great job! He had many interactive demonstrations to illustrate his speaking points and he put in the time, in advance, to ensure that they all worked perfectly on-site. His customized speech on PCI compliance was very relevant to our audience."
May 13, 2010
"Social engineering is a section of Security that is not always taken into account. Today is becoming more important with the web 2.0 and social networks. Mr. Mitnick / Kevin showed us the importance and risks of it in a pleasant, simple and powerful way. The audience was captivated by his live demonstrations showing how easy can be an attack by social engineering."
April 8, 2010
"Mission accomplished! Thanks for giving us a great presentation at the World Game Protection Conference. The general feedback I have had from attendees on your talk can be summed up as "scary" (I mean that in a scary good way). You opened their eyes and that's what I wanted. Well done."
World Game Protection
February 26, 2010
"[Kevin's] session was extremely successful... we appreciated his participation at HIMSS09!"
Program Manager, North America Education
"I would like to thank you for being one of our keynote speakers at the inaugural Cyber Awareness Summit this month. I know that you have a very busy schedule, and I truly appreciate you making the effort and taking the time. You did an excellent job and we really appreciate your participation."
- Cyber Innovation CenterClick Here to download the Original PDF
"The way you and each panel member interacted demonstrated an obvious synergy that made everyone comfortable and kept the discussion interesting and 'alive'."
- ASIS International 2008 (Click Here for PDF)
2011 Las Vegas Social Engineering Workshop
A two-day course covering:
- Social engineering case studies, attack methods, vulnerabilities in the human firewall, and techniques to protect your business
- Security policies development, follow-through, assessment, and training
Sign up now >>
FBI Social Engineering Manual Revealed!
Federal Bureau of Investigation (FBI) Monograph: Pretexts and Cover Techniques - May 1956
FBI Computer Crime Survey
“This computer security survey eclipses any other that I have ever seen. After reading it, everyone should realize the importance of establishing a proactive information security program.” - Kevin Mitnick
Click Here To Download The Report