Kevin Mitnick is arguably the world’s most infamous “computer (ex)criminal”. For those of you who don’t know, he served a long prison sentence (about 5 years) before being released on a strict probation. The terms of his probation amongst other things, forbade him from using computers, software and devices that would allow connectivity to the Internet. In other words, the Net was a “no-no” for him. (If this has grabbed your attention, you can read more about him in and at Takedown.)

The story is that he started a consulting business which would help other companies protect themselves from online threats. Recently the terms of his probation expired and he was once again net-free. And… Mr. Mitnick was in the news again! This time, because his website (defensivethinking.com) had been defaced by hacker BugBear.

Ouch! How could that happen to one so savvy. Logical question. It so turns out a that the administrator for the site had overlooked a basic configuration directive. A simple human error, but one which allowed complete access to all files and data in the website space.

Which really brings us to the point of this little story. No matter how good you are, no matter how sophisticated your systems - never forget the human factor! That is the weakest link in your chain of defense!

This entry was posted on Saturday, February 15th, 2003 at 5:35 pm and is filed under Security. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.