/introduction/ Cybercrimes and cyberattacks loom large in the connected world; the convenience that technology brings can easily be misused by bad actors. Kevin Mitnick, with his charming personality, beaming smile, and unassuming confidence about his exploits, was out there just to prove a point.

Kevin spent more than five years of his life in prison before becoming a professional hacker. As a child, he was fascinated by magic, enjoyed imitating others, and performed above average in his studies. Blessed with a good memory, a knack for impersonation, and a deep curiosity about technology, Kevin developed skills that eventually made him an exceptional hacker. In his later years, he became a security consultant, founded his own consulting company, and ultimately getting paid for the very hacking skills that once landed him into trouble .

/social engineering/ Kevin had known how to manipulate people since he was a child. A smooth talker, 12-year-old Kevin once asked a bus driver where he could buy a ticket-punching device. He then searched for unused tickets in a dumpster near the bus yard. Growing up in Southern California, he spent his spare time traveling all around the county by punching his own bus tickets while his mother was at work .

Kevin had remarkable insight into social engineering techniques—people naturally trust those who can establish credibility, such as someone posing as an authorized company employee. His approach to social engineering was surprisingly simple and straightforward. Kevin would meticulously research the target company, gathering details about its departmental structure, business units, operations, employee hierarchy, senior management, and the industry-specific lingo and terminology. Armed with this knowledge, he would execute his hacking attempts with precision.

/phreaking out/ Kevin was attracted to technology and communication devices. At the age of thirteen, he built a ham radio and took the exams to obtain an Federal Communications Commision (FCC)  license. Kevin learned about telephone switching and networks. He social engineered his way through the employees and security staff and entered the premises of telecom company Pac Tell in his area and collected sensitive information that would allow him to set up call forwarding & monitoring. He could dial phone numbers by manipulating tones to make free calls or access restricted lines . He started hacking the nearest McDonald’s radio & messing around with customer orders. Kevin became a member of the phone hacking community or phreakers as they were known .

/cracking the code/ Kevin was no longer interested in attending school, and at 16, he opted to complete the GED instead of pursuing a regular high school diploma. He was teaching himself about computers alongside his hacker friends. At one point, he persuaded a school administrator to share his password, allowing him to use these credentials to dial into external phone lines via a modem attached to the computer. Kevin began visiting university campuses to access free computer lab time, as this was before the era of personal computers. He later went on to hack into systems at DEC, PacBell, Motorola, Sun Microsystems, Novell, and many other companies. Kevin would befriend, cajole & pretext employees and also trespass physical premises to retrieve system admin passwords. Once inside company network, Kevin would find vulnerable systems that were not adequately patched. He then installed phishing applications, cracked passwords, and collected sensitive information from banks and the Department of Motor Vehicles (DMV), as well as source codes for operating systems.

/on the run/ Kevin did all of this for fun, for the thrill of it, and not to steal or destroy. As a juvenile, he was once certified by a counsellor as being addicted to hacking. Hacking was a way for him to let off steam and prove a point. Kevin collected passwords and source codes as trophies. He did all this in the 1980s & early 90’s, when the law had not caught up with the tech yet. Kevin spent several years in federal prison, first as a juvenile and later for about 5 years from 1995 to 2000. Kevin had a difficult childhood, however a doting mom & a grad ma, who stood by him during his incarcerations. Kevin also received grassroot support as his hacking abilities were hyped by the media & people rallied together for a “Free Kevin” movement, urging a fair trial while he was in prison. Kevin died of pancreatic cancer at the age of 59 in 2023.

/to trust is human/ Kevin’s story is one of a person constantly on the run, with the FBI always on his tail. In many ways, it’s a story of humans' willingness to trust one another, and then being taken for a ride for just doing that !