Synopsis
Kevin Mitnik’s follow up to The Art of Deception is a closer look at some famous and not so famous hacks of the 90’s. It focuses much more on the logistical and technical side of early hacking. It is again styled as anecdotes from both the author and people he knows.
My Reaction
These two books from Kevin Mitnik are widely considered as required reading for cyber security professionals. While there are now many other books that could fill in the knowledge these books impart, there’s no replacing the real inside view from early days of hacking. Some of the chapters are more entertaining than others, but there is a valuable lesson in each one that technical professionals and leaders both need to pay attention to.
Almost all the anecdotes lead to one key idea: defense in depth. Many of the stories told of how hackers found their way into a system and were able to pivot for weeks, months, and even YEARS after making a foothold. The common problem was reliance on a single protection mixed with a “set it and forget it” style of security.
Recommendation
This book is required reading for the security focused, and a great value for all IT professionals. Even if you have nothing to do with IT, this book is a great way to see into how the hacking world use to operate.