Online edition of India's National Newspaper
Sunday, Nov 06, 2005
Online edition of India's National Newspaper Sunday, Nov 06, 2005 |
|
|
|
|
|
|
| International |
|
News:
Front Page |
National |
Tamil Nadu |
Andhra Pradesh |
Karnataka |
Kerala |
New Delhi |
Other States |
International |
Business |
Sport |
Miscellaneous |
Advts: Classifieds | Employment | Obituary |
International
-
India & World
Anand Parthasarathy
San Francisco: Cary Grant then, Kevin Mitnick now, only the names change. As the title of the classic Alfred Hitchcock thriller said, it takes a thief, "To catch a thief." But while Grant played a suave Riviera cat burglar, today's corporate honchos believe a cyber-thief is their best bet to help plug their security loopholes. Which is why Mr. Mitnick, the well-known hacker who was finally caught in 1994 after a spectacular series of cyber crimes and convicted and sentenced to five years in a U.S. prison, was on Thursday the keynote speaker on the last day of the SupportSoft User Forum here. Mr. Mitnick, who since his release in 2000 has set up his own firm, Mitnick Security Consulting, advises dozens of American firms about corporate defences, and helps `harden' their security measures by testing them — as any good hacker would. No doubt his experience of hacking into sensitive networks of Motorola and Fujitsu helps.
From his past
On Thursday, he regaled the 300-strong audience of technology geeks with anecdotes from what he calls `my unethical hacker past'. Then he went on to give a chilling, live demonstration of how easy it is to steal another person's telephone identity. With SupportSoft's founder-vice-president Cadir Lee as the `victim', he used a software he had written called Cross Site Scripting, to fool Mr. Lee into thinking that an incoming call came from 202-456-1414, the White House number. Imagine a business rival posing as your boss and trying to worm information from you, Mr. Mitnick suggested. In another demonstration, he showed how a visitor to an office might come in the uniform of a courier delivery man or repairman, and by attaching a tiny Universal Serial Bus (USB) drive to a personal computer for a few seconds could copy the last 20 files saved in the machine. Incidentally, USB drives are available easily in India. The moral: security is not just about computer firewalls; physical access is important too.
Advice
Mr. Mitnick's advice: Alert your help desk and call centre personnel to watch out against spurious and malicious callers posing as genuine employees. Change passwords monthly. Do not leave the company's password file in a single location as so many system managers do. SupportSoft which sponsored Mr. Mitnick's talk is a U.S.-based provider of real-time service management solutions, most of which are crafted at its Bangalore development centre.
Printer friendly
page
News:
Front Page |
National |
Tamil Nadu |
Andhra Pradesh |
Karnataka |
Kerala |
New Delhi |
Other States |
International |
Business |
Sport |
Miscellaneous |
|
|
|
The Hindu Group: Home | About Us | Copyright | Archives | Contacts | Subscription Group Sites: The Hindu | Business Line | The Sportstar | Frontline | The Hindu eBooks | The Hindu Images | Home |
Copyright © 2005, The
Hindu. Republication or redissemination of the contents of
this screen are expressly prohibited without the written consent of
The Hindu
|
