Book Review: Ghost in The Wires – Kevin Mitnick

While attending the RSA show in February, I met Kevin (@KevinMitnick) and obtained a copy of The Art of Invisibility, which I immediately read. Due to the great many references to Kevin’s past, I thought it would be informative and worthwhile to read Ghost in the Wires. It’s also listed on the Tripwire 10 must-read books for information security professionals.

This book was written in 2011 with assistance from William L. Simon. It’s a historical account of Kevin’s life from his early childhood through his incarceration in federal prison and beyond.

The story begins with Kevin describing his propensity for being an early childhood escape artist. He provides a bit of insight into the early childhood influences that inspired his curiosity and introduced him to the world of hacking.

The first hack he details involved punching his own bus transfers, so he could ride the bus around Los Angeles for free. His idols include Bruce Lee, Harry Houdini and Jim Rockford, the fictional detective played by James Garner in “The Rockford Files.”

Kevin spent much of his time reading at the Survival Bookstore learning things that most people aren’t supposed to know. Two of his big influencers were The Paper Trip by Barry Reid and The Big Brother Game by Scott French. These books, combined with Kevin’s “urge to take a bite of knowledge from the forbidden apple,” set the groundwork for his lifetime of exploits and social engineering.

Kevin’s curiosity quickly expanded into the world of phreaking, lock picking, computer hacking, and social engineering. Over time, he sharpened his skills, expanded his computer savvy, and tackled large and seemingly impossible targets. His story provides a great insight into the mind and motivation of what the world calls “hackers.”

Even though he could have realized great financial benefit from the exploits he perpetrated, he didn’t. His real motivation time and time again was the sheer thrill of the chase and the satisfaction of a difficult mission accomplished.

As time passes, Kevin’s addiction to his craft deepened until the craft became the master and he the slave. He became a skilled and adept social engineer using those skills to obtain some of the most valuable corporate secrets imaginable and live on the run for many years.

As you read his adventures, you will understand more about the delicate balance between conscience and addiction. Kevin’s “need for speed” became his undoing, ultimately making him one of the FBI’s most wanted men.

His book describes in great deal the many breaches he conducted along with the story behind the techniques he used to attain his goals. He also describes his years on the run and the steps he took to avoid being caught. His inability to control his need to hack led to his capture and eventual jail time.

Throughout the book, Kevin points out some of the misconceptions and prejudices held by the public and law enforcement as it relates to the penalties imposed on those who get caught. Definitely food for thought.

You all have heard Sun Tzu’s quote about knowing your enemy and yourself. Ghost in the Wires offers a rare opportunity for us to dig into the mind of someone most in our field would consider the enemy. To protect, you need to focus on the vulnerabilities the bad guys target. This is an account worth reading.

If you are so inclined, each chapter begins with a challenge that requires a bit of skill to decipher. You can find the answers easily enough online, but working the challenges helps prepare your mind for what’s to come.

This very cool review and other interesting articles can be found at the source.

Source: Tripwire

Topics: Social Engineering, Speaking Engagements, The Art of Invisibility, The Paper Trip, cyber security, Harry Houdini, phone phreaking, cyber attack, Ghost in the Wires, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

The Growth of Third-Party Software Supply Chain Cyber Attacks

When testing your employees' social engineering readiness, your teams need simulated attacks that feel as if they’re coming from a nefarious engineer...

Read more ›

Bypassing Key Card Access: Shoring Up Your Physical Security

As you build additional layers of defense into your cybersecurity framework, it's important to implement physical security strategies as well.

Read more ›

How to Prioritize Your Pentesting Report’s Remediation Recommendations

If you recently received a penetration test, you’re on the right track to improving your cybersecurity posture. However, you may be wondering what the..

Read more ›