Kevin Mitnick Quotes
-
A company can spend hundreds of thousands of dollars on firewalls, intrusion detection systems and encryption and other security technologies, but if an attacker can call one trusted person within the company, and that person complies, and if the attacker gets in, then all that money spent on technology is essentially wasted.
→ -
Social engineering bypasses all technologies, including firewalls.
→ -
I'm still a hacker. I get paid for it now. I never received any monetary gain from the hacking I did before. The main difference in what I do now compared to what I did then is that I now do it with authorization.
→ -
The intent of the individuals who created the DDoS attacks has nothing to do with hacking, and they are vandals, not hackers.
→ -
When an attacker fails with one person, they often go to another person. The key is to report the attack to other departments. Workers should know to act like they are going along with what the hacker wants and take copious notes so the company will know what the hacker is trying to find.
→ -
Garbage can provide important details for hackers: names, telephone numbers, a company's internal jargon.
→ -
I was addicted to hacking, more for the intellectual challenge, the curiosity, the seduction of adventure; not for stealing, or causing damage or writing computer viruses.
→ -
Choosing a hard-to-guess, but easy-to-remember password is important!
→ -
New security loopholes are constantly popping up because of wireless networking. The cat-and-mouse game between hackers and system administrators is still in full swing.
→ -
You can never protect yourself 100%. What you do is protect your self as much as possible and mitigate risk to an acceptable degree. You can never remove all risk.
→ -
No way, no how did I break into NORAD. That's a complete myth. And I never attempted to access anything considered to be classified government systems.
→ -
We have problems with our physical security, operational security through to management.
→ -
I characterize myself as a retired hacker. I'm applying what I know to improve security at companies.
→ -
I saw myself as an electronic joy rider.
→ -
So the ethic I was taught in school resulted in the path I chose in my life following school.
→ -
I obtained confidential information in the same way government employees did, and I did it all without even touching a computer. ... I was so successful with this line of attack that I rarely had to go towards a technical attack.
→ -
But a lot of businesses out there don't see the return on investment, they look at it as a liability, and until they can understand that proactive security actually returns, gives them a return on investment, it's still a hard sell for people.
→ -
My primary goal of hacking was the intellectual curiosity, the seduction of adventure.
→ -
I trust online banking. You know why? Because if somebody hacks into my account and defrauds my credit card company, or my online bank account, guess who takes the loss? The bank, not me.
→ -
When I was in prison, a Colombian drug lord, offered me $5 million in cash to manipulate a computer system so that he would be released. I turned him down.
→ -
Back in my day, I would probe by hand. Now you can get commercial software that does the job for you.
→ -
I did get a huge endorphin rush when I was able to crack a system because it was like a video game.
→ -
I was pretty much the government's poster boy for what I had done.
→ -
Of course I'm sure half the people there hate me and half the people like me
→ -
Hackers are breaking the systems for profit. Before, it was about intellectual curiosity and pursuit of knowledge and thrill, and now hacking is big business.
→ -
Some people think technology has the answers.
→ -
Oracle, for example, has even hired people to dumpster dive for information about its competitor, Microsoft. It's not even illegal, because trash isn't covered by data secrecy laws.
→ -
If you go to a coffee shop or at the airport, and you're using open wireless, I would use a VPN service that you could subscribe for 10 bucks a month. Everything is encrypted in an encryption tunnel, so a hacker cannot tamper with your connection.
→ -
The key to social engineering is influencing a person to do something that allows the hacker to gain access to information or your network.
→ -
As a young boy, I was taught in high school that hacking was cool.
→