So you think your data is secure?
On this year’s edition of CeBIT, which took place on 19th of March 2015 in Hannover, we had a chance to listen to Kevin Mitnick, once called America’s Most Wanted Criminal. Mitnick used to be a hacker and even ended up in jail. Right now, he protects global companies against, as he calls them, ‘Kevin Mitnicks of today’
During the talk Mitnick told his story of black hat turned good. He mentioned his beginnings, when he was hacking phones to pull pranks on his friends. However, little by little he became more interested in hacking and turned to bigger devices. He managed to steal teacher’s passwords during computer classes and search the trashcans looking for Pacific telecom’s data details (which, by the way, he found). However, he claims he didn’t do it for personal gain but out of pure curiosity and to learn more about the craft.
On CeBIT, Mitnick performed many hacking presentations, showing that hacking can be a piece of cake, assuming you have the necessary skills. The least vulnerable devices or systems are those that are usually most threatened like, among others, USB sticks, proximity cards or pdf files.
So, let’s focus on these three:
- USB sticks – the most important thing we need to remember is to ‘never plug in devices from an unknown source.’ USB attacks are quite common, because they can easily become H.I.D devices (human interface devices) and compromise your data privacy. This transformation also may lead to changing your laptop into a room bug or spying on you via webcam.
- Hit/proximity cards – as the market is expanding incredibly fast, there are special devices and applications that enable hackers to gather the data from a very close proximity. The collected credentials might be used to duplicate the card and get access to buildings and doors. However in this case there is a solution. You can provide yourself with special card holders that block signals from the outside, disabling these signals and at the same time making your data secure.
- Pdf files – this one is tricky because it is enough that we tell you to open files only from trusted sources. But nowadays, hackers will do everything to trick you into accessing the files anyway. They can create a fake website, profiles or addresses that look trustworthy for you and it will ease their way through installing malware. Now that you know that be careful and think twice before opening a sketchy-looking pdf.
Also when it comes to stealing your identity, Mitnick showed that he can access any personal information within 60 second. All he needs is the name and a city. However, he could only do it with US citizens, since the data there is stored in databases that private investigators have access to. Phones are also a hackable piece of cake for him, but as it turned out during the presentation, this trick didn’t work on all providers. if you want to see how it was done, watch the presentation here.
At the end of the presentation, Mitnick mentioned that he had paid the price for his actions because it wasn’t easy to bounce back from his bad reputation. However, he managed to turn the situation around and now runs one of the most successful private investigation firms in the US. Thanks to his experience he can now prevent your office or company from being easy to hack in the future.
Do you think you need help?
Learn more about security