A01 chaf6542 06 se fm indd

probation, 400 hours of community service and a fine of $10,050. He is now an assistant 

professor at MIT, where he originally released his worm to disguise its creation at Cornell 

University.

● 

Kevin Poulsen – In 1990 Poulsen took over all telephone lines into the Los Angeles radio 

station KIIS-FM, assuring that he would be the 102nd caller. Poulsen won a Porsche 

944 S2. This was one of many hacks conducted while he worked for hi-tech company SRI 

International by day and hacked at night. He was eventually traced and, in June 1994, 

he pleaded guilty to seven counts of mail, wire and computer fraud, money laundering 

and obstruction of justice, and was sentenced to 51 months in prison and ordered to pay 

$56,000 in restitution. It was the longest sentence ever given for hacking. He is now a 

computer security journalist.

● 

Kevin Mitnick – The first hacker to be featured on an FBI ‘Most wanted’ poster, Mitnick 

was arrested in 1995. He later pleaded guilty to four counts of wire fraud, two counts of 

computer fraud and one count of illegally intercepting a wire communication. He admit-

ted that he broke into computer systems and stole proprietary software belonging to 

Motorola, Novell, Fujitsu, Sun Microsystems and other companies. He was sentenced to 

46 months. Following his sentence he became a security consultant and is now a leading 

commentator on security and has made many TV appearances and written books and 

articles.

Gaining access to a system may be perceived by the hacker as simply a technical challenge. 

The term ‘hacking’ traditionally refers to the process of creating program code, another 

form of technical challenge. This can almost be considered as a pastime, albeit an unethi-

cal one. The BBC (2003) reported that TruSecure, a US hacking monitoring organisation, 

currently tracks more than 11,000 individuals in about 900 different hacking groups and 

gangs. 

First, the normal entry points to systems through usernames and passwords can be used. 

Tools are available to try different alternative  log-  ins, although most modern systems will 

refuse access after several attempts. Hacking can be combined with identity theft to gain an 

idea of the passwords used. 

The second form of hacking exploits known vulnerabilities in systems. Although these 

vulnerabilities are publicly known and will be posted on the vendor’s website and special-

ist security websites, there will be many system administrators who have not updated their 

systems with the latest security update or ‘patch’. This is partly because there are so many 

security vulnerabilities, with new ones being announced every week.

Thirdly, Kevin Mitnick refers to ‘