Former Professional Hacker Talks About The Business

Kevin Mitnick was arrested in 1995 for hacking into 40 of the biggest companies in the Unites States. Among these were IBM, Nokia, and Motorola.

Mitnick is now a top security consultant for some of the biggest companies in the world.

The former hacker showed ABC how easy it is to steal someones identity using public Wifi spots. He says cyber criminals set up fake WiFi networks that people will use, just like any other public Wifi.

“Once the victims are logged on, the hackers can record all of your keystrokes. This allows the hackers to identify your usernames and passwords if you access any personal information,” Mitnick said.

This also allows the hackers to send fake updates. Once installed, they gain full control of the victim’s computer system without anyone ever knowing.

“It is hard to believe, but all the tools anyone would need are so easily accessible, it’s just a matter of clicking and downloading. It’s so easy, that even students in school, with no formal training can just download these hacking systems,” Mitnick continued.

In the report, Jetstar and Suzuki were named as some of the big businesses that have been victims of cyber-attacks, resulting in the sale of user information up for sale on dark net. Data from government research networks, national sporting bodies, and even schools have been found to be hacked, and the data put up for sale.

Kaspersky released a list of nearly 70,000 systems that have been hacked, and user data sold online. Five days after the list was published, a separate list came out, confirming that the number was 170,000 systems. This includes the Jetstar and Suzuki breaches. Both companies have, and still are denying any credibility to these claims.

Jetstar released a statement shortly after the reports, that said their systems showed no signs of a breach. Suzuki says that they were aware of the breach, and are taking the appropriate security measures to stop future attacks.

Hackers take control of systems and computers in order to launch DDoS attacks (Distributed Denial of Service). This is the same form of attack used against the Australian Bureau of Statistics Census a few months ago. The attacks to Newsat were the worst they had ever seen.

“Our network was, as far as they could see, the most corrupted they had ever seen,” former CFO of Newsat Michael Hewins said.

Newsat used to be Australia’s largest satellite company and had plans for launching two satellites to kickstart the industry in Austrailia. After the cyber-attacks, liquidators were called in to sell off all of the assets that were left.

Daryl Peter, Newsat’s IT manager speculated that the hackers were watching them for well over two years.

“Newsat had been hacked and not just by teenagers in the basement or anything like that. Whoever was hacking us was very well funded, very professional, very serious hackers,” he commented.

Tim Wellsmore of the Australian Cyber Security Center says these attacks are just time bombs, with many system details already hacked.

“There is a lot of computers for sale on the dark web that have actually been hacked and compromised and are sitting there waiting to be used for attacks, that marketplace exists,” he said in an interview.

The Cyber Security Advisor speculates that the Chinese state hackers are behind the daily government hacks. The hackers are targeting government departments like the Bureau of Meteorology, Australian Trade and Investment Commission, and the Science Technology group of the Department of Defense.

Another report says that intelligence sources believed the attacks from China had been backed by the country’s government.

Alastair MacGibbon, Cyber Security Advisor guesses the attacks occurred on a daily basis, and we talked about very little. The Chinese Embassy spokesperson says the claims are false, and have no basis.

Austrade has been attacked multiple times, three major attacks occurred in 2011,2013, and 2014 resulting in hackers being able to infiltrate systems.

Source: ME

Topics: Social Engineering, Speaking Engagements, usernames, identity theft, penetration testing, personal information, phishing simulation, China attacks, Bureau of Meteorology, cyber criminals, DDos attacks, fake WiFi networks, IBM, Michael Hewins, Motorola, Newsat, Nokia, Password Management, record keystrokes, Jetstar, Kaspersky, Kevin Mitnick Security Awareness Training, Wifi spots, Suzuki, Tim Wellsmore, top security consultant, Alastair MacGibbon, Austrade, Australian Bureau of Statistics Census, Australian Trade and Investment Commission, cyber attack, Daryl Peter, Data Breach, Department of Defence, Distributed Denial of Service, Australian Cyber Security Center, Kevin Mitnick

Latest Posts

Kevin offers three excellent presentations, two are based on his best-selling books. His presentations are akin to technology magic shows that educate and inform while keeping people on the edge of their seats. He offers expert commentary on issues related to information security and increases “security awareness.”

Bypassing Key Card Access: Shoring Up Your Physical Security

As you build additional layers of defense into your cybersecurity framework, it's important to implement physical security strategies as well.

Read more ›

How to Prioritize Your Pentesting Report’s Remediation Recommendations

If you recently received a penetration test, you’re on the right track to improving your cybersecurity posture. However, you may be wondering what the..

Read more ›

Understanding Post-Inoculation Cybersecurity Attack Vectors

If you’ve recently improved your cybersecurity posture, you should know that the work to protect your company’s data is not over.

Read more ›