How The FBI Caught the World's Most Wanted Hacker

kevin Mitnick was once known as the world's most-wanted social engineer and computer hacker one doesn't acquire a title like that nor an accompanying prison sentence for simple exploits he brought down some of the biggest companies and government organizations in the world but in the end his life of crime caught up to him and he was sent to prison for five years today we're learning how the FBI caught the most-wanted hacker in history mitnick's love for bypassing code began at the early age of 12 his main tools were reported to be social engineering and dumpster-diving which

helped him bypassed punch card systems used in the los angeles bus system he was said to have convinced a bus driver to tell him where he could buy his ticket punched for a so-called school project what drew me into hacking was my love for magic he said magic so as a young boy I used to ride my bicycle over to the magic store after school to watch the salespeople perform these tricks over and over and over again and then when I ended up in high school I met this kid who could work magic with a

telephone and he did all these tricks he was able to get my mum's unlisted telephone number following this he was able to ride any bus in the greater LA area using unused transfer slips he found in a dumpster next to the bus company garage social engineering later became his primary method of obtaining information which included usernames and passwords and modem phone numbers miss Nick's first unauthorized access to a computer network in 1979 at the age of 16 gave him access to the Digital Equipment Corporation computer system he was reported to have broken into de C's

computer network and later cloned their software this was one of the few and early crimes he was charged and convicted of in the year of 1988 following his conviction he was sentenced to 12 months in prison which was followed by three years of released supervision by authorities near the end of his supervised release Mitnick was recorded to have hacked into the Pacific Bell voice mail computers and was now really playing with fire this was enough for officials to release an arrest warrant which had Mitnick fleeing from authorities and a fugitive for about two and a

half years but despite mitnick's desire to keep a low profile and his ethos of hacking systems for the pursuit of knowledge and adventure and not for personal profit he was labeled as the bad guy in a book published in 1995 cyberpunk outlaws and hackers on the computer frontier authors Hafner and Markoff labeled Mitnick as a darkside hacker afterward USA Today published a picture of mitnick's face superimposed over an image of Darth Vader this was when he became the FBI's most wanted many people believe the FBI was most scared because the agency had a poor understanding

of the way computers work they felt vulnerable and decided to take out the threat Mitnick was holed up in Denver Colorado at the time he liked it because it felt remote in the mountains but law enforcement was breathing down his neck the whole time I just started creating resumes and looking at newspapers I'd tailor my background to match 90% of what they were looking for he said referencing the new identity he made for himself and give my own references it wasn't hard I created my own past miss Nick was conscious not to make any good

friends or date because his picture was all over the news he had favorite bars and restaurants but he was never overly friendly with other patrons so they would not identify him known for being overweight Mitnick started hitting the gym every day in order to change his look and body type he even put painful rocks in his shoes in order to change his gait it's the number one way you can be recognized said Mitnick who spent evenings hacking I just took it day by day looking over your shoulder was no way to live I treated it

like I wasn't even on the run and when I treated it like that I didn't have that stress cops would drive by and I'd be like hi I didn't care it wasn't like my picture was all over the news or on America's Most Wanted he said once I got on the front page of the New York Times I became a very high priority they used a bad photo that made me look evil and grimacing so I go that's great I look totally different after growing tired of Denver myth Nick became Brian Merrill and moved to

Seattle where he worked at a tech firm from here Kevin made a powerful enemy that ultimately led to his capture Tsutomu Shimomura it was a bold move because Shimomura was a respected security expert and a character almost as complex as Mitnick a 30 year old science geek Shimomura was also a Japanese citizen a ski bum a long-haired computational physicist and a hacker himself but unlike Mitnick every time similar his explorations uncovered security holes he reported them to security authorities not to hackers so in December 1994 when someone broke into Tsutomu Shimomura elaborate computer system in

his San Diego home using a never-before-seen sophisticated hacking method and then stole some fancy cellular phone tools Shimon Mora took it as a personal challenge when the trail led to Mitnick shimomura became a cyber sleuth on a mission to catch kevin from the 1970s up until his last arrest in 1995 kevin Mitnick skillfully eluded and bypassed corporate security safeguards penetrating some of the most well-guarded systems including amongst countless others the likes of Sun Microsystems Digital Equipment Corporation Motorola Netcom and Nokia he has even had to go on record and deny hacking into the Department of

Defense's North American Aerospace Defense Command and wiretapping the Federal Bureau of Investigation a 1994 New York Times profile breathlessly described him as having hacked into computers at the North American Air Defense Command as a teenager it wasn't true but it became part of his legend the FBI with the cooperation and technical support of Shimomura finally tracked him down in Raleigh California he was found with cloned cellular phones more than 100 cloned cellular phone codes and multiple pieces of false identification in 1999 as part of a deal he pled guilty to four counts of wire fraud

two counts of Computer Fraud and one count of illegally intercepting communications all told he spent five years in federal prison ending in 2000 it was even forced to spend eight months in solitary confinement because the guards were convinced he could control the computers systems around the jail he was released on January 21st 2000 during his supervised release which ended on January 21st 2003 he was initially forbidden to use any communications technology other than a landline telephone miss Nick fought this decision in court eventually winning a ruling in his favor allowing him to access the Internet

under the plea deal myth Nick was also prohibited from profiting from films or books based on his criminal activity for seven years in December 2002 an FCC judge ruled that miss Nick was mentally stable and well enough to possess a federally issued amateur radio license today kevin Mitnick runs a successful security company called Mitnick security his global ghost teams tests for weaknesses in companies security by trying to hack them ironically using all of the skills he learned as a black hat hacker clearly extremely intelligent and skilled at his job miss nick has written three books

and has largely defined what we know today about social engineering social engineering the practice of obtaining information such as passwords from people by deception and other means is still the predominant means by which hackers gained access to systems my primary business is doing penetration testing he said we test the physical security the technical security the people we test their wireless networks their VoIP phones we test everything across the board to look for vulnerabilities so our clients can fix them by testing Mitnick means accepting a large fee he didn't say how much to do to these

companies exactly what landed him in prison two decades ago gain entry to their computers their networks their phones and even their buildings by any means necessary without being detected and then to report back on how he did it and here's probably the most interesting fact Mitnick and his constantly changing team of specialty hackers have a 100% success rate that's no legend it's not even bragging he said it's just a fact today Mitnick says that although there are more ways of hacking into people's accounts and accessing private information the number one way in which the bad

guys get in has stayed the same since the 70s through talking people into giving up private information he calls this technique social generic social engineering is using manipulation deception and influence to get a target to comply with the request usually to give information or to click on an attachment in an email and once the victim opens up the attachment and follows the instructions of the attacker the computer is compromised on most of his jobs Mitnick is asked to attack not only at companies computers but also to full its employees into letting him walk right into

places from which he would otherwise be locked out these social engineering attacks amount to tricking someone with access to a computer or a building or some other asset to give up information hacking humans is easier than hacking computers the most effective way to carry out an attack is to get the client a person to do something stupid he said and as the old saying goes there's no cure for stupid so even though he was once demonized by the government and big business Mitnick has turned into a sort of altruistic hacker tearing security systems apart in

order to reveal imported Vollmer abilities in code now that he has paid his dues sitting in jail kevin Mitnick is one of the most celebrated hackers of all time [Music]