The security industry took to social media to mourn the passing of famed and controversial hacker Kevin Mitnick, who died at age 59 Sunday following a 14-month battle with pancreatic cancer.
Mitnick’s death was announced jointly by his family and KnowBe4, the company where he remade himself after serving five years in prison for computer and wire fraud. Mitnick was KnowBe4’s chief hacking officer, co-owner and was a noted speaker, consultant and author on security topics.
“Kevin was a dear friend to me and many of us here at KnowBe4,” said Stu Sjouwerman, KnowBe4’s chief executive officer. “He is truly a luminary in the development of the cybersecurity industry, but mostly, Kevin was just a wonderful human being and he will be dearly missed.”
Aleksandr Yampolskiy, co-founder and CEO at SecurityScorecard, agreed that Mitnick was a security industry legend.
“He was on the FBI’s most wanted list, served in prison, and then became a famed security advisor,” wrote Yampolskiy on his LinkedIn page. “His book 'The Art of Deception' is one of my favorite books on social engineering. I remember him presenting to a packed room at The HOPE conference in New York many years ago. Within 10 minutes he called a gas station and got the manager to reveal his SSN number by saying that ‘the payroll will be delayed on Monday.’ The entire audience broke into applause. He taught us what it’s like to be a visionary in security and he will be missed.”
Ellen Reavis Gerstein, who now works as a senior director, digital communications in corporate affairs at Pfizer, posted this on Facebook:
“This was a flashback. I worked with Kevin when we published his first book 'The Art of Deception.' I think it was one of the first computer books of mine that crossed over into being a trade book bestseller. He was a character, that’s for sure. I’ll posit that he was never a computer genius, but a master con artist who took his art to a different medium. Social engineering awareness is greater because of him. I also have enough stories about him to fill my own book.”
And, Jake Williams (@MalwareJake), faculty at the Institute for Applied Network Security, said this in an email to SC Media:
“The cybersecurity field wouldn't be the same without people pushing boundaries. That unfortunately meant clashing with authorities. Without people like Kevin demonstrating the realistic risks of insecure computing practices, people wouldn't have taken security as seriously. Some people love to focus on the fact that Kevin was convicted, but that's myopic. There was no such thing as white hat hacking and DOJ was always going to make an example of someone. By demonstrating how insecure some of our nation's most sensitive computers were, he established the foundation for the field of cybersecurity today.”