Wired editor and former “black hat” hacker extraordinaire Kevin Poulsen left the dark side of the keyboard long ago in favor of his career as a crackerjack investigative reporter. Both skill sets, however, serve him exceedingly well in his debut book Kingpin. Poulsen delves deep into the mad world of another computer wunderkind, Max “Vision” Butler, who’s bent on becoming the cyber underworld’s boss of all bosses. Recently the author spoke with Kirkus about how vulnerable we truly are on the Internet, the lasting legacy of Matthew Broderick’s early film career and his appearance at SXSW this spring.
What are the characteristics and motivations that drive hackers?
I think all hackers enjoy a challenge. They enjoy getting immersed in a technical problem. They enjoy relating to technology and overcoming problems. When you’re looking at layers of code and you’re trying to solve something and make it work just the right way—that can really draw you in. That’s at the root of all computer hacking. With hacking of the criminal variety, you have the added adrenaline rush. So it’s an intellectual challenge coupled with a thrill—and that can be a very potent mixture.
How do you feel about Max “Vision” Butler? Is he redeemable?
He’s a complex guy. He made some bad choices. One thing everybody I talked with agreed with—even the Feds—is basically, he’s a good guy. He has a streak in him of aggressiveness and criminality that kind of took over, landing him where he is now [in federal prison]. Those who know him in real life see him as a very nice guy who would give you the shirt off his back. Certainly, the situation that he’s in now is regrettable.
What was the most surprising thing you learned writing this book?
I think it was just how widespread the theft of credit card mag-stripe data is. The conventional wisdom is that shopping online is unsafe and shopping in brick-and-mortar buildings is safe. In the book, I pinpoint the exact moment that became false when theft from brick-and-mortar outlets, because they’re either connected to the Internet or their corporate networks are connected to the Internet—when that actually made it safer to shop online than anyplace else. Since that moment, they’ve been running neck and neck. So, you’re equally at risk no matter where you shop.
Where will the next threat to the Internet arise?
Right now the big, sophisticated intrusions come from two types of attackers. They come from those conducting espionage, particularly from China, and they come from profit-seeking financial fraudsters like the kind that I write about in my book. And they’re mostly coming from Eastern Europe right now. I think we’re going to see a third prong develop over the next year, and that’s going to be theological. Hacktivists, for want of a better term, who are going to be intruding on corporations and government agencies where they can, for the purposes of shaming them.
There was a big case just recently where the supporters of Wikileaks cracked a computer security company. These hackers cracked the security company, got all of their e-mails and posted them in a searchable format on the web. I think that shows that not only is everyone vulnerable, but this is potentially the start of something new. Companies that previously weren’t targeted because there was no reason to go after them now are going to find themselves being attacked. They’re going to suffer a lot of embarrassment. A lot of secrets are going to be spilled.
Just how vulnerable is the Internet today?
Everything on the Internet is vulnerable. It’s shocking how vulnerable it is. The things that haven’t been hacked, they mostly haven’t been hacked because there’s not interest by professional intruders. But the moment there is interest they find themselves being attacked.
What do you think the impact of your book will be?
I hope it will make a lot more people aware of what the situation is in the underground. The public still thinks of hacking as Matthew Broderick in War Games. It’s not that anymore. It’s all high-level hacking. It’s pretty much all professional now.
What can we expect from your upcoming March 11 appearance at the SXSW festival?
I was thinking of possibly of reading from the chapter “UBuy WeRush” because it’s kind of a pocket history of how he set up business selling hardware and supplies to criminals around the world. I’ve never been to SXSW before, so I’m excited about the whole thing and to see what it’s all about. I’m only going to be there for one day so I’m going to be running around trying to see everything I can.
Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground
Crown / Feb. 22, 2011 / 9780307588685 / $25.00