The Art of Intrusion

Kevin Mitnick, possibly the world's most notorious or well-known hacker, is still under a federal gag order which prohibits him from discussing his own hacking exploits. So, he turned to the rest of the hackers of the world to compile this book. The Art of Intrusion is a collection of stories as told by the hackers that did them. It is enlightening and somewhat entertaining at the same time.

Kevin Mitnick put the call out to the hacker underground asking for stories of attacks and exploits. One of the challenges facing Mitnick and his co-author William Simon was to try to determine the veracity of the stories, especially in the case of alleged hacker exploits that were never officially detected or acknowledged.

Mitnick and Simon did what they could to compare the stories to what facts they could corroborate, as well as working to determine if the story sounded technically plausible and whether or not the alleged hacker could convey enough details on a consistent basis to make them believe the story was true. The result is this compilation of stories.

Mitnick and Simon do not stop at simply entertaining us with stories of hacker "heroism". Each story ends with a section summarizing Insights regarding the attack and Countermeasures that could be employed to ensure you are not victimized by a similar attack.

I thoroughly enjoyed this book. I found it as entertaining as I did enlightening. It boggles the mind sometimes to contemplate the tremendous brilliance that goes into these illegal deeds. Imagine how much could be accomplished if these geniuses would use their knowledge and skills for good.

Each of the stories in this book provides a look at a different sort of attack. They provide some insight into why the attackers did what they did, how they were able to accomplish it and what sort of damage was incurred. In some cases the story-teller was never actually detected or caught so the story is told anonymously to protect the attacker's identity.

Mitnick and Simon interlace some commentary within the stories where it seems warranted, but their main contribution is at the end of each story. The information provided in the Insights and Countermeasures section can help a network or security administrator put the story in context and determine proactive steps that might protect them from being victimized by a similar attack.

Whether for entertainment or education I recommend this book. I look forward to reading Mitnick's own personal hacking exploits once the gag order has expired.