"Once you become aware of how a con game works you're in a much better position to defend yourself," reformed hacker Kevin Mitnick said on Monday night's program. He chronicled his life before and after his arrest for computer crimes, and offered tips to protect one's private information.
"What the worm did was exploit a known vulnerability," Mitnick said of the recent Internet intrusion that slowed down systems internationally."Businesses need to be concerned about configuration and patch management. Otherwise they're just low-hanging fruit," to be picked off he added. More ominously he warned of "Zero Day Exploits." "There's no fix for it," he said of a type of cyber infiltration that takes advantage of unrealized vulnerabilities, and is done to advance whatever the hacker's agenda is.
Kevin Mitnick's U-turn
Kevin Mitnick was released from federal prison in 2000 after serving time for cyber crimes. Since then he has turned his life around and now seeks to help citizens and companies from becoming the victim of information thieves. In the book he co-wrote, The Art of Deception he presents a variety of scenarios that con artists have used to swipe valuable facts. Referring to such criminals as "social engineers," Mitnick details how they use inside company lingo to manipulate employees, often over the phone, into giving them safeguarded data. In one chapter he writes about "The Invisible Employee," a woman he calls Shirley who is one of the rapidly growing legion of identity thieves. Shirley poses as "Norma Todd from the Cleveland office," to a customer service employee and through a set of seemingly innocent circumstances is able to finagle the service worker into giving her a voice mailbox.
After that is achieved, she continues the deception by speaking with another company employee, this time saying she is with "Collections in the Cleveland office." By claiming that her computer is in the process of being fixed by tech support, she requests confidential information about a "client," i.e. mother's maiden name, card number, payment history etc. From there she requests that the info. once gathered be left on her voicemail number should she not answer. "Since the phone number Shirley provided was clearly an external extension, there was no reason for any suspicion," Mitnick writes.
Did Father Wingate Foresee Disaster?
Father Andrew Wingate appeared in the first half-hour of Monday's show to discuss the prediction he made on the program back in January regarding a disastrous event occurring in the next 30 days. "It seemed like a good fit," he said regarding the Shuttle accident, "but we're still not sure," if it is the foreseen disaster, Wingate said. He did say that we were by no means over the hump and that things were going to get worse with two out-of-season tornadoes ripping through the US. And those tornadoes would be followed by an even larger one, he added.