Mitnick on hacking
Published: 04 Nov 2005 18:15 GMT
...an FTP server, mail server or DNS server, a lot of times you find those computers are not in the DMZ (De-Militarised Zone, a separate security area). Instead, they are on an internal network and the network is flat. So if you are able to compromise one, it is quite easy to spread access to other systems. Often times they even use the same passwords. Bottom line: More companies have to think of a defence-in-depth strategy, rather than just protecting the perimeter.
Over the past years we have seen a couple of arrests of virus
writers, bot herders and others. Everybody knows you were arrested as
well. Is law enforcement advancing? Are they doing the right thing and
catching the right people or are a lot still going free?
I am sure there are a lot of people doing this they don't catch.
Wireless networks are ubiquitous. It is very difficult for law
enforcement if somebody goes and takes a laptop and changes their media
access control address so you can't identify the machine. If you're out
in a car or van or sitting in a restaurant next to a wireless access
point and don't use the same access point all the time, it could be
extremely difficult to track you.
So there is a big challenge for law enforcement. Do you think they are doing a good job, or could they do better?
I don't know. We need stats for that. We need metrics on how many
criminals they are apprehending. It is a guess that they are getting
better, because they are getting help from the private sector. They are
probably better than they were 10 years ago, but I don't know their
capabilities. I know their strengths are in forensics. So if they seize
a computer of somebody thought to possess child pornography, they use
Encase and can recover that contraband. That's what they are good at.
In doing hacker investigations — I really don't know their
capabilities.
So what about when it comes to virus writers, bot herders, phishers?
With virus writers, I don't believe the FBI is technically
doing the analysis. They just farm it out to a Microsoft, Symantec or
McAfee because it is easier. These companies are not going to turn down
law enforcement because they are doing a public service.
Do you believe that more of these criminals should be caught?
They should try. But the bottom line is that there is so much
hacking going on that they have to set a dollar limit. Unless there is
a fraud or a loss that equals $50,000 (£28,000) — maybe $100,000 — they
are not going to investigate. Small criminals knowing this can always
stay under this threshold. That's at the federal level. Then there are
states, which might have a different monetary threshold, but their
competency is probably less than the feds.
Do you think if you were doing today what you did 10 years ago, would you be caught sooner?
If
I knew what I know now and I could use what I know now back then, no.
But if they had the technology that exists today, and I was doing the
exact thing I was doing, yes. Law enforcement's capabilities for
tracking communications are much greater than years ago.
Previous
Did you find this article useful?
188 out of 430 people found this useful
- Share this article:
