Mitnick gains access to DEC computers after social engineering himself a developer's account
Incident Date: 1979 Incident Location: Los Angeles CA USA Late in the year 1979, Kevin Mitnick was dared by a group of fellow hackers to hack into a computer system named "The Ark" at Digital Equipment Corporation (DEC). This system was used to maintain the source code for DEC’s RSTS/E operating system software. Provided with only the computer’s modem dial-up number, Mr. Mitnick knew he would need more to win the dare. After finding out the name and phone number of The Ark’s system administrator, Mr. Mitnick gave him a call. Posing as Anton Chernoff, one of the lead developers at DEC, Mr. Mitnick claimed he couldn’t log into his account. Convinced that he really was Mr. Chernoff, the system administrator created an account and password for him. The Ark also required a separate dial-up password, "buffoon", which was provided to Mr. Mitnick as well. Mr. Mitnick demonstrated his new access to members of the hacker group, who were apparently quite surprised at his accomplishment. At least one member of this group reportedly took the credentials supplied by Mr. Mitnick, logged into The Ark with them, and began copying DEC source code. Ironically, once they had downloaded what they wanted, they called the corporate security department at DEC and informed them of Mr. Mitnick’s hack. DEC initially charged Mr. Mitnick with $4 million in damages related to the crime, but U.S. Attorney James Sanders later admitted the real cost of fixing the security holes was closer to $160,000. Story Sources Title: Missing Chapter from The Art of Deception book Author: Kevin Mitnick Date: Publication: 2002 Publication Location: USA Publication URL: http://www.thememoryhole.org/lit/deception-ch1.htm Do you have additional information to contribute regarding this story? If so, please email siteupdates@passwordresearch.com with the details and source.
<-- Back to Authentication Story Index |