Malware creators have used social engineering to maximize the range or impact of

Question

Malware creators have used social engineering to maximize the range or impact of their viruses, worms, etc. For example, the ILoveYou worm used social engineering to entice people to open malware-infected e-mail messages. The ILoveYou worm attacked tens of millions of Windows computers in May 2000 when it was sent as an e-mail attachment with the subject line: ILOVEYOU. Often out of curiosity, people opened the attachment named LOVE-LETTER-FOR-YOU.TXT.vbs—releasing the worm. Within nine days, the worm had spread worldwide crippling networks, destroying files, and causing an estimated $5.5 billion in damages. Notorious hacker Kevin Mitnick, who served time in jail for hacking, used social engineering as his primary method to gain access to computer networks. In most cases, the criminal never comes face-to-face with the victim, but communicates via the phone or e-mail.

QUESTION:

Research Kevin Mitnick on the Internet. What was he able to do and how did he do it? Why did it take such a long time to be caught? How was he caught?

Explanation / Answer

Kevin Mitnick is an American Computer security consultant, author and hacker, best known for his high-profile 1995 arrest and later five years in prison for various computer and communications-related crimes. At age13, Mitnick used social engineering and dunpster diving to bypass the punch card system used in the Los Angeles bus system. Mitnick first gained unauthorized access to a computer network in 1979, at 16, when a friend gave im the phone number of Ark, the computer system DEC used for developing their RSTS/E operating system software. He broke into DEC's computer network and copied their software, a crime he was charged with and convicted of in 1988. He was sentenced to 12 months prison followed by three years of supervised release. Near the end of his supervised release, Mitnick hacked into pacific Bell voice mail computers. After a warrant was issued for his arrest, Mitnick fled, becoming a fugitive for two and a half years.

According to the U.S Department of Justice, Mitnick gained unauthorized access to dozens of computer networks while he was a fugitive. He used cloned cellular phones to hide his location and, among other things, copied valuable proprietary software from some of the country's largest cellular telephone and computer companies. Mitnick also intercepted and stole computer passwords, altered computer networks and broke into and read private e-mails.

After a well-publicized pursuit, the FBI arrested Mitnick on Feb 15,1995, at his apartment in Raleigh, North Carolina, on federal offenses related to a two and a half year period of computer hacking which included computer and wire fraud. Mitnick was charged with wire fraud, possession of unauthorized access devices, interception of electronic communications, unauthorized access to a federal computer, and causing damange to a computer. Mitnick served five years in prison- four and a half years pre-trail and eight months in solitary confinement-because, according to Mitnick, law enforcement officials convinced a judge that he had the ability to "start a nuclear war by whistiling into a pay phone", meaning that law enforcement told the judge that he could somehow dial into the NORAD modem via a paypone from prison and communicate with the modem by whistling to launch nuclear missiles. He was released on january 21, 2000. During his supervised release, which ended on january 21, 2003, he was initially forbidden to use any communications technology other than a landline telephone. Mitnick fought this decision in court, eventually winning a ruling in his favour, allowing him to access the internet.

Related Questions

Navigate

• Browse (All)
• Browse M
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.