Cyber Adversary Characterization: Auditing the Hacker Mind

A Look Back
Kevin D. Mitnick Attack, Weighed and Measured!
In Chapter 1 we heard how the infamous Kevin Mitnick penetrated the information systems of a small software firm in the Californian San Fernando Valley. His objective in the attack was to retrieve a network sniffer designed to operate on networks using a proprietary computer networking protocol named DECNET, designed by Digital Equipment Cooperation (DEC). Although Kevin s objective in the attack was to acquire access to a network sniffer, his ultimate objective was to use it on DEC s own internal network (called EasyNet) to capture authentication credentials to access DEC s engineering network, on which was stored the proprietary source code for DEC s Virtual Memory System (VMS) operating system.
Let s now reflect on the detailed attack against BadgerComp systems. What were Kevin s real motivations? What was he getting out of the attack, and what variables were present that made his attack such a success?
At the time of Kevin s attacks, the general level of awareness in the United States of the ways that information systems, such as those Kevin compromised, could be attacked was low compared to today s levels. The Internet was only just beginning to take shape, and people s general focus was on what they could create with this new technology and not what people could break into. Many groups of computer enthusiasts such as those to which the infamous John...