I had the opportunity to hear Kevin Poulsen speak recently and it was a real treat. Kevin is a recovered black hat, now working as a writer and journalist. I hereby pronounce his book mandatory reading for anyone working in cyber security.

Kingpin: How One Hacker Took Over the Billion-Dollar Cybercrime Underground

It’s a great read and beyond the entertainment factor, it gives tremendous insight into how stolen credit cards have evolved from being just an edgy hobby into big, very big, business.

In the talk I attended, Kevin gave his own story and even showed us a clip of himself, troubled and devious youth hacker, as depicted on Unsolved Mysteries. But the heart of his talk summarized the story told in his book, Kingpin. This book tells the story of since captured hacker, Max Butler, who in his own mind had only the purest intentions. Hack the hackers and make money along the way. That slippery slope ended abruptly and Kevin does a terrific job of capturing the facts and the personalities involved, which are often overlooked when simply reading the headlines. Another version of his talk was recorded at Stanford Law School when he gave it in 2011. Check it out here:

After the talk, I asked him if he agreed with most security analysts who predict that criminal hacking focus will shift from stolen credit cards to medical records. He replied, in part, “I’m not convinced yet.”

He explained in his talk that although chip and pin/sig will not stop all credit card theft, it will hamper the appeal and availability of large payloads we have seen in recent years.

Whether the focus shifts or not, one thing is for sure…bad guys are good at multitasking.

What do you think the next big thing will be? Let me know it in the comments below.

Thanks for reading and don’t forget to subscribe.