Kevin Mitnick - hacker after the pass

Written by Mitnick Security | Oct 19, 2018 12:00:00 AM

What does one of the most famous hackers in the world do after switching to the bright side of power? He advises others not to fall victim to those who act on the dark side. Kevin Mitnick admits in an interview with Press.pl that there are 100% safe systems, and that he is on the side of minimizing the risk.

You hacked telephone networks, broke into the servers of the largest communication corporations, fooled you for years. Today you are a network security consultant. Can a former drug dealer be a good policeman?

With El Chapo (Mexican drug baron - editorial note) this may not work, but it works for me. I am a consultant whose business is trustworthy, I have been doing positive things for almost 20 years, I have been helping my clients. It took me many years to build such a reputation. I have knowledge and skills acquired after - you can say - both sides of the power. And now, happily for me, it so happened that I can use this knowledge and experience for good purposes.

You've been a hacker for several decades. Technology has changed over the years; have hackers changed too?

Of course. These security consultants, what is otherwise called hackers, are constantly looking for new technologies, checking protocols, methodologies and all available methods that allow them to break the security of the systems they are to test. So you can say that the situation related to technology and the hacker environment is very dynamic.

Are there such noble hacker characters as Lisbeth Salander from "Millennium"?

A great movie and a book, although it is a fictional story. I am trying to think about whether such noble characters really exist. Certainly there are such people, that is, those looking for gaps in security systems, consultants who operate on the principle of "full disclosure". In a responsible way, they provide clients for whom they work with information about security holes, giving them the time to fix the vulnerability before the information becomes public.

Large companies spend a lot of money on security, new technologies and staff training, but you are saying straight: security is an illusion. What do you take money for?

The truth is that this is not exactly an illusion. There are some gaps in every security system that pose a vulnerability risk. Of course, you can always say that I will get it right if I work on it properly. But that is not the point. I'm trying to get these companies to say that mistakes are made, there are gaps, situations that they are exposed to, or increase the likelihood of an attack. I help clients reduce this risk. My role is precisely to advise clients on how to reduce the likelihood of being on CNN sites due to an attack on them.

A few years ago I read about the fact that after hacking clients' accounts it is more profitable for the hacker to agree to keep silent than to spend millions of millions of years for additional security and compensation. Is it true? Do a lot of companies do that?

This is a very dangerous practice. A few years ago, there was such a situation with Tesla: they paid 130,000 dollars for the one who hacked them to be quiet. On the other hand, it did not protect them, because the whole thing came to light. Now the question is, can you trust the person who attacked us, that she will actually stay silent after paying? It is known that in the case of ransomware you can consider this type of solution as the last resort to recover data. In general, you must remember that blackmailers, hackers, those who keep our ransom data, are the last people you can trust. An attempt to get along with someone like that is a very slippery ground.

Kevin Mitnick - from prosecuted "Condor" to a valued consultant

Kevin Mitnick (born in 1963) is one of the most famous hackers in the world. Known under the pseudonym Condor, he remained elusive for law enforcement agencies for a long time. In 1995, he fell into the hands of the FBI. Plea: burglary to important US computer systems. Although he left the prison cell in 2000, he was banned from using the Internet until 2003. He was never accused of being involved in the intrusions into the systems for money, which is why he became a hero oppressed by corporations. His defenders even created the "Free Kevin" movement. He is currently a valued network security consultant.


Source: Press (Poland)