Mitnick to tackle social engineering in Australia
Mitnick -- who rose to prominence in the nineties for his five-year stint in US correctional facilities for computer-based offences, including an eight-month period in solitary confinement -- is scheduled to arrive in Sydney to present a two-day social engineering workshop on 12-13 April next year. The workshop is being run by ZDNet Australia.
The consultant's attendance has been confirmed following a visa approval process with Australian authorities that stretched out over several months. Mitnick told ZDNet Australia in an interview several weeks ago the process involved was "vigorous" and included the forwarding to authorities here of documentation from the FBI and a "rap sheet" from authorities in his home town of Las Vegas, Nevada.
Mitnick these days devotes a large chunk of his time to consultancy work, with his talents turned to productive uses such as educating companies about the threats to their networks posed by social engineering and helping them train employees to be more resistant to manipulative and unethical attacks on their organisation. He heads his own security consultancy, Defensive Thinking.
Mitnick told ZDNet Australia several weeks ago he was in the final stages of preparing his second book, tentatively titled The Art of Intrusion .
He told ZDNet Australia at the time he planned to have the manuscript with his publishers by end-September-early October, with publication expected late February-early March 2005.
Mitnick said late last year the new book -- which followed the success of his first text, The Art of Deception would detail real hacks, with the names and details of the hackers involved obscured.
The book will be a mix of "salacious" hacks conducted by both black-hat and white-hat hackers, as well as less innovative and less clever hacks that nevertheless exposed serious deficiencies in the information technology systems of business, academia and government. However, it will also discuss countermeasures to the assaults mentioned.
Mitnick's troubled relationship with the law, which kicked off in 1982, came to a head in 1995 after the FBI rounded up their man after two years on the run. The hacker served his sentence for a range of crimes, including computer fraud and theft, against companies such as Sun Microsystems and Motorola. He secured supervised release in early 2000 under stringent conditions, including not being allowed to use a computer. The government, however, relented a little and allowed him limited access until the conditions were fully lifted in January last year.
He said he regretted his behaviour, but said "you can't change the past, you can only change the present and the future".
When Mitnick spoke to ZDNet Australia a few weeks ago, he had just finished a presentation to 1600 high-school students -- after being introduced by Apple co-founder Steve Wozniak -- in which he discussed arriving at the position he was now in, but "via a different path".
Mitnick likened himself to Frank Abagnale Jr, a successful con artist whose story was dramatised in the Steven Spielberg film Catch Me If You Can. His story was, he said, the "Catch Me If You Can" of cyberspace.