Hacking and cybercrime evolution at IP EXPO

It seems they’ll let anyone talk at IP EXPO, the UK’s number one end-to-end enterprise IT event.

Today, at Earl’s Court in London, the keynote was given by Kevin Mitnick, the notorious ex-hacker who has served time in US prisons on two separate occasions for his criminal activities.

Kevin Mitnick at IP Expo

Tomorrow, Thursday 17th October, I’ll be taking to the same stage to talk about how cybercrime has evolved from back bedroom hackers to state-sponsored espionage.

Collage of Graham Cluley's slides

I haven’t ever been sent to prison, but I have been fined for parking badly and occasionally had legal threats over my karaoke performances.

Neither breaking the law nor poor renditions of power ballads should ever be considered a qualification to speak at an IT event about computer security.

I didn’t see Mitnick’s talk, but the word on the Twittersphere is that it was very entertaining and included a quip that the only thing McAfee was any good at was was making videos.

Whether he was talking about the anti-virus company McAfee, or their eccentric founder John McAfee (who *does* make some NSFW videos), is unclear to me at this time.

But if it *was* directed at McAfee the company, it seems a bit of a cheap shot to me.

Of course, no anti-virus software is perfect, and you should be suspicious of any “solution” which claims that it can protect your computers against all different types of attacks. But that’s a very different thing from declaring a particular security company or product worthless.

McAfee, and its many well-known competitors in the anti-malware field, have successfully protected hundreds of millions of computers around the world against online threats, and drastically reduced innocent users’ exposure to viruses, Trojan horses and spyware over the last 25 years.

Sure, anti-virus companies screw up sometimes – but generally they do more good than harm.

I have much more respect for the people who create security software and have helped develop technology to make the online world a safer place than those who have demonstrated their dubious moral standards by breaking the law.

That’s not to say that Mitnick hasn’t got useful things to say, and can’t contribute to the security debate. I just wonder if any contribution he has made to computer security can match the good that has been done by one of the world’s best-selling anti-virus products.

You can read more about the talk I will be giving on the IP EXPO website.

If you are in London and attending IP EXPO, please do come along (Thurs 17 Oct, 15:50, Keynote theatre) and say hello.

I promise not to do any Meat Loaf.

Tags: , , , ,

, , , ,

2 Responses

  1. Stew Green October 16, 2013 at 8:06 pm #

    - You should have told us before : now entry is £35 (it was free to people who registered before 7pm yesterday)
    .. it does look good bthough.

  2. Chris Lines October 17, 2013 at 2:21 pm #

    Somewhat agree about the use of 'poachers turned gamekeepers' such as Kevin Mitnick.

    However, 'The Art of Intrusion' is an excellent resource to understand how security breaches can happen in the real world. There is often a false sense of security among companies who have installed anti-virus/firewalls and think they are safe. No wonder 'hackers' laugh at this ridiculous complacency. Unfortunately you also make the same mistake in underestimating the value of what Mitnick is telling us.

    Have his books and openness about 'hacking' methods done more good maybe than McAfee and other anti-virus solution vendors? Did you add up the cost and danger of 'false sense of security' risk due to AV over-sell claims? Did you take into account the economic value of all those computers slowing down or crashing, or time spent re-installing and updating due to AV software? Do AV companies take any responsibility if your computer is infected or hacked? You don't even get refunded the cost of the product. Never mind damages, they (the AV software vendors) have a risk free business.

    If companies took the trouble to listen to 'hackers', this would be a major step in protecting against security threats. Turning this debate into a 'Good vs Evil' argument is completely missing the point about security issues and privacy concerns.

Leave a Reply

XSLT by CarLake