Hacker turned security expert Kevin Mitnick has been denied service by both his web host and his cell phone provider. HostedHere.net and AT&T argue that the barrage of hacker attacks on Mitnick’s accounts make them too difficult to defend. Said The Register’s Dan Goodin, “In asking Mitnick to take his business elsewhere, [the companies] seem to be making the tacit admission that they are unable to secure the accounts of users whose only fault is being a high-profile target.” Really? Is the public surprised that hackers can penetrate these systems?
When you wear the badge of “the most wanted computer criminal in United States history”, you become a moving target. Companies cower at your name, fellow hackers aim to dethrone you, and governments put you in solitary confinement for fear that your Captain Crunch-style phone phreaking skills will ignite nuclear war. Kevin Mitnick has paid dearly for his past life and has been made an example from his first arrest. But is it really surprising that AT&T and HostedHere.net are denying him service?
Mitnick is probably a formidable security expert, but the simple fact of the matter is that one man, let alone one company, is unlikely to be able to defend against multiple and persistent attackers. While Mitnick spends up to $20,000 per year on his phone bill, companies are likely spending at least twice that to protect his accounts.
Said Mitnick, “You’d think they’d like to talk to me and say ‘how do you think these guys are getting in?” Despite the fact that Mitnick has turned over a new leaf, one might understand why a company like AT&T would rather wash its hands of Mitnick as a client, rather than taking advice from him. After all, Mitnick’s combination of hacking and “social engineering” once gave him illegal access to computer systems at Motorola, Nokia, Siemens and allegedly the Pacific Bell Telephone Company – better known as AT&T California.