Kevin David Mitnick (born August 6, 1963) is an American computer security consultant, author, and convicted hacker. He is best known for his high-profile 1995 arrest and five years in prison for various computer and communications-related crimes.
He now runs the security firm Mitnick Security Consulting, LLC. He is also the Chief Hacking Officer and part owner of the security awareness training company KnowBe4, as well as an active advisory board member at Zimperium, a firm that develops a mobile intrusion prevention system.
- 1Early life and education
- 5See also
- 8External links
Early life and education[edit source]
Mitnick was born in Van Nuys, California, on August 6, 1963.[self-published source?] He grew up in Los Angeles and attended James Monroe High School in Los Angeles, California, during which time he became an amateur radio operator. He was later enrolled at Los Angeles Pierce College and USC. For a time, he worked as a receptionist for Stephen S. Wise Temple.
Computer hacking[edit source]
At age 12, Mitnick got a bus driver to tell him where he could buy his own ticket punch for “a school project”, and was then able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage.
Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave him the phone number for the Ark, the computer system that Digital Equipment Corporation (DEC) used for developing its RSTS/E operating system software. He broke into DEC’s computer network and copied the company’s software, a crime for which he was charged and convicted in 1988. He was sentenced to 12 months in prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into Pacific Bell voicemail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two-and-a-half years.
According to the U.S. Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country’s largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks, and broke into and read private e-mails.
Arrest, conviction, and incarceration[edit source]
After a well-publicized pursuit, the FBI arrested Mitnick on February 15, 1995, at his apartment in Raleigh, North Carolina, on federal offenses related to a two-and-a-half-year period of computer hacking which included computer and wire fraud. He was found with cloned cellular phones, more than 100 cloned cellular phone codes, and multiple pieces of false identification.
In December 1997, the Yahoo! website was hacked, displaying a message calling for Mitnick’s release. According to the message, all recent visitors of Yahoo!’s website had been infected with a computer worm that would wreak havoc on Christmas Day unless Mitnick was released. Yahoo! dismissed the claims as a hoax and said that the worm was nonexistent.
Mitnick was charged with wire fraud (14 counts), possession of unauthorized access devices (8 counts), interception of wire or electronic communications, unauthorized access to a federal computer, and causing damage to a computer.
In 1999, Mitnick pleaded guilty to four counts of wire fraud, two counts of computer fraud, and one count of illegally intercepting a wire communication, as part of a plea agreement before the United States District Court for the Central District of California in Los Angeles. He was sentenced to 46 months in prison plus 22 months for violating the terms of his 1989 supervised release sentence for computer fraud. He admitted to violating the terms of supervised release by hacking into Pacific Bell voicemail and other systems and to associating with known computer hackers, in this case co-defendant Lewis De Payne.
Mitnick served five years in prison—four-and-a-half years’ pre-trial and eight months in solitary confinement—because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to “start a nuclear war by whistling into a pay phone”, implying that law enforcement told the judge that he could somehow dial into the NORAD modem via a payphone from prison and communicate with the modem by whistling to launch nuclear missiles. In addition, a number of media outlets reported on the unavailability of kosher meals at the prison where he was incarcerated.
He was released on January 21, 2000. During his supervised release, which ended on January 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Mitnick fought this decision in court, eventually winning a ruling in his favor, allowing him to access the Internet. Under the plea deal, Mitnick was also prohibited from profiting from films or books based on his criminal activity for seven years, under a special judicial Son of Sam law variation.
In December 2001, an FCC judge ruled that Mitnick was sufficiently rehabilitated to possess a federally issued amateur radio license. Mitnick now runs Mitnick Security Consulting LLC, a computer security consultancy and is part owner of KnowBe4, provider of an integrated platform for security awareness training and simulated phishing testing.
Mitnick’s criminal activities, arrest, and trial, along with the associated journalism, were all controversial. Though Mitnick has been convicted of copying software unlawfully, his supporters argue that his punishment was excessive and that many of the charges against him were fraudulent and not based on actual losses.
In his 2002 book, The Art of Deception, Mitnick states that he compromised computers solely by using passwords and codes that he gained by social engineering. He claims he did not use software programs or hacking tools for cracking passwords or otherwise exploiting computer or phone security.
The case against Mitnick tested the new laws that had been enacted for dealing with computer crime, and it raised public awareness of security involving networked computers. The controversy remains, however, and the Mitnick story is often cited today as an example of the influence that newspapers and other media outlets can have on law enforcement personnel.
Since 2000, Mitnick has been a paid security consultant, public speaker, and author. He does security consulting for, performs penetration testing services, and teaches Social Engineering classes to companies and government agencies. His company Mitnick Security Consulting is based in Las Vegas, Nevada where he currently resides.
In 2000, Skeet Ulrich and Russell Wong portrayed Kevin Mitnick and Tsutomu Shimomura, respectively, in the movie Track Down (known as Takedown outside the US), which was based on the book Takedown by John Markoff and Tsutomu Shimomura. The DVD was released in September 2004. A 2001 documentary named Freedom Downtime was produced by 2600: The Hacker Quarterly in response to Takedown.
Written by Mitnick[edit source]
Mitnick is the co-author, with William L. Simon and Robert Vamosi, of four books, three on computer security and his autobiography:
- (2003) The Art of Deception: Controlling the Human Element of Security
- (2005) The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers
- (2011) Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker
- (2017) The Art of Invisibility
Authorized by Mitnick[edit source]
- (1996) The Fugitive Game: Online with Kevin Mitnick. In this book author Jonathan Littman presented Mitnick’s account of his story, as John Markoff’s book Takedown (1996) and Jeff Goodell’s Cyberthief and the Samurai (1996) presented Shimomura’s side (when Mitnick was legally unable to publish and profit from his own story).
See also[edit source]
- Kevin Poulsen
- “My kung fu is stronger than yours“
- List of computer criminals
- The Secret History of Hacking
- ^ Jump up to:a b Gengler, Barbara (1999). “Super-hacker Kevin Mitnick takes a plea”. Computer Fraud & Security. 1999 (5): 6. doi:10.1016/S1361-3723(99)90141-0.
- ^ “Kevin Mitnick’s Federal Indictment”. Archived from the original on May 18, 2014. Retrieved September 13, 2014.
- ^ “#089 Fugitive Computer Hacker Arrested in North Carolina”. justice.gov. Archived from the original on June 13, 2013.
- ^ Jump up to:a b “Kevin Mitnick Case: 1999 – No Bail, No Computer, Hacker Pleads Guilty”. jrank.org.
- ^ “HEARING DESIGNATION ORDER (FCC 01-359)” (PDF). Federal Communications Commission. December 21, 2001. Retrieved December 3, 2015.
- ^ “Kevin Mitnick sentenced to nearly four years in prison; computer hacker ordered to pay restitution to victim companies whose systems were compromised” (Press release). United States Attorney’s Office, Central District of California. August 9, 1999. Archived from the original on June 13, 2013.
- ^ Jump up to:a b “Free Kevin, Kevin Freed”, Jan 21, 2000, Jason Kroll, Linux Journal
- ^ “Ex-hacker reveals tricks of the trade”. AsiaOne Digital. Archived from the original on July 23, 2015.
- ^ KnowBe4. “Kevin Mitnick Partners With KnowBe4”. http://www.prnewswire.com. Retrieved April 18, 2020.
- ^ Darlene Storm (July 19, 2012). “Interview: World’s most famous hacker, Kevin Mitnick, on mobile security & Zimperium”. Computerworld. Archived from the original on December 26, 2013.
- ^ Alex Williams. “Zimperium Raises $8M For Mobile Security That Turns The Tables On Attackers”. TechCrunch. AOL.
- ^ Merritt, Tom (2012). Chronology of Tech History. Lulu.com. p. 87. ISBN 978-1-300-25307-5.[self-published source]
- ^ Jump up to:a b c Mitnick, Kevin (2011). Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. Little, Brown and Company. ISBN 978-0-316-03770-9.
- ^ Mills, Elinor. “Q&A: Kevin Mitnick, from ham operator to fugitive to consultant”. cnet.com. CNET. Retrieved December 18, 2017.
- ^ Greene, Thomas C. (January 13, 2003). “Chapter One: Kevin Mitnick’s story”. The Register. Archived from the original on September 12, 2012.
- ^ “The Missing Chapter from The Art of Deception by Kevin Mitnick”. thememoryhole.org. Archived from the original on March 17, 2009. Retrieved February 16, 2020.
- ^ “Freedom Downtime – The Story of Kevin Mitnick : 2600 Films : Free Download, Borrow, and Streaming : Internet Archive”. Internet Archive. October 23, 2016. Retrieved May 14, 2019.
- ^ “Fugitive computer hacker arrested in North Carolina” (Press release). United States Department of Justice. February 15, 1995. Archived from the original on June 29, 2012.
- ^ Colbert Report
- ^ Pnter, Christopher M.E. (March 2001). “Supervised Release and Probation Restrictions in Hacker Cases” (PDF). United States Attorneys’ USA Bulletin. Executive Office for United States Attorneys. 49 (2).
- ^ “Yahoo Hack: Heck of a Hoax”. Wired. December 9, 1997.
- ^ Original text posted to Yahoo’s website.
- ^ “Computer Hacker Kevin Mitnick Sentenced to Prison”. fas.org. June 27, 1997. Retrieved February 16, 2020.
- ^ Mills, Elinor (July 20, 2008). “Social Engineering 101: Mitnick and other hackers show how it’s done”. CNET News. Archived from the original on July 13, 2012.
- ^ “Famed hacker to Snowden: Watch out”. CNN.
- ^ “Life Not Kosher for Mitnick”. Wired. August 18, 1999. Archived from the original on September 18, 2012.
- ^ Bowker, Art. “Hackers, Sex Offenders, and All the Rest”. Retrieved September 14, 2018.
- ^ “F.C.C. Lets Convicted Hacker Go Back on Net”. The New York Times (Press release). December 27, 2002.
- ^ Noory, George (January 7, 2019). “Cybercrime & Security”. Coast to Coast AM. Retrieved January 8, 2019.
- ^ Miller, Greg (March 27, 1999). “Judge Accepts Mitnick’s Guilty Plea on 7 Counts”. Los Angeles Times. Retrieved February 16, 2020.
- ^ Randolph, Donald C. “About Kevin’s Case”. Free Kevin Mitnick. Archived from the original on April 24, 2006.
- ^ “Defense consolidated motion for sanctions and for reconsideration of motion for discovery and application for expert fees based upon new facts”. Free Kevin Mitnick. June 7, 1999. Archived from the original on December 22, 2005.
- ^ John Christensen (March 18, 1999). “The trials of Kevin Mitnick”. Retrieved December 11, 2018.
- ^ “Kevin Mitnick’s Security Advice”. Wired.
- ^ Skeet Ulrich, Russell Wong (2004). Track Down (DVD). Dimension Studios.
- ^ Mitnick, Kevin; Simon, William L. (October 2003). The Art of Deception: Controlling the Human Element of Security. Wiley Books. ISBN 978-0-7645-4280-0.
- ^ Mitnick, Kevin; Simon, William L. (December 27, 2005). The Art of Intrusion: The Real Stories Behind the Exploits of Hackers, Intruders & Deceivers. Wiley Books. ISBN 978-0-7645-6959-3.
- ^ Mitnick, Kevin; Simon, William L. (2011). Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker. Little, Brown and Company. ISBN 978-0-316-03770-9. Archived from the original on November 4, 2011. Retrieved August 27, 2019.
- ^ Mitnick, Kevin; Vamosi, Robert (February 2017). The Art of Invisibility. Little, Brown and Company. ISBN 978-0-3163-8049-2.
- ^ Hafner, Katie. “The Fugitive Game: Online with Kevin Mitnick: Jonathan Littman: Books”. Retrieved May 16, 2011.
- Kevin Mitnick with Robert Vamosi, The Art of Invisibility, 2017, Hardback ISBN 978-0-316-38049-2
- Kevin Mitnick and William L. Simon, Ghost in the Wires: My Adventures as the World’s Most Wanted Hacker, 2011, Hardback ISBN 978-0-316-03770-9
- Kevin Mitnick and William L. Simon, The Art of Intrusion: The Real Stories Behind The Exploits Of Hackers, Intruders, And Deceivers, 2005, Hardback ISBN 0-471-78266-1
- Kevin Mitnick, The Art of Deception: Controlling the Human Element of Security, 2002, Paperback ISBN 0-471-23712-4
- Jeff Goodell, The Cyberthief and the Samurai: The True Story of Kevin Mitnick-And the Man Who Hunted Him Down, 1996, ISBN 978-0-440-22205-7
- Tsutomu Shimomura, Takedown: The Pursuit and Capture of Kevin Mitnick, America’s Most Wanted Computer Outlaw-By the Man Who Did It, 1996, ISBN 0-7868-8913-6
- Jonathan Littman, The Fugitive Game: Online with Kevin Mitnick, 1996, ISBN 0-316-52858-7
- Katie Hafner and John Markoff, CYBERPUNK – Outlaws and Hackers on the Computer Frontier, 1995, ISBN 1-872180-94-9
- Littman, Jonathan (June 2007). “The Invisible Digital Man” (PDF). Playboy. Archived from the original (PDF) on March 4, 2016.
- Fost, Dan (May 4, 2000). “Movie About Notorious Hacker Inspires a Tangle of Suits and Subplots”. San Francisco Chronicle. Retrieved April 24, 2007.
- Darell, Khin. “From Being Hunted By The FBI To Working Alongside Them- Kevin Mitnick”. Appknox. Retrieved May 27, 2016.
- Ehrlich, Thomas. “Renowned security expert Kevin Mitnick can steal your identity in 3 minutes”. Forbes. Retrieved July 17, 2015.