Published February 16, 2009
There's a new "holy grail" for hackers — President Obama's super-secure BlackBerry.
Despite warnings from his advisers, the president insisted on keeping his beloved PDA, which now has specially designed superencrypting security software.
But that just makes cracking into it more challenging — and, yes, it can be done, says the world's most famous hacker.
"It's a long shot, but it's possible," Kevin Mitnick told FOXNews.com. "You'd probably need to be pretty sophisticated, but there's people out there who are."
Mitnick served nearly five years in prison after pleading guilty to charges of wire and computer fraud for hacking into computer systems at some of the country's largest cell-phone and computer companies during the 1990s.
With his hacking days behind him, he now heads Mitnick Security Consulting.
"If I was the attacker, I would look to Obama's close circle of friends, family and associates and try to compromise their machines at home," Mitnick said. "The objective would be to get Obama's e-mail address on the BlackBerry."
Mitnick said someone with access to Obama is much more likely to be targeted by hackers because their networks, particularly those used at their homes, would be much less secure than those used by the commander-in-chief.
Once armed with Obama's coveted e-mail address, a hacker could theoretically send an e-mail to Obama in an attempt to lure him to a Web site that has previously been breached in order to transfer "malicious code," Mitnick said.
Obama administration officials declined to comment Friday.
White House Press Secretary Robert Gibbs told reporters last month that only a small circle of associates and senior aides would be allowed to exchange e-mails with the president.
Chris Soghoian, a student fellow at Harvard University's Berkman Center for Internet and Society, agreed that the most likely route to Obama's BlackBerry would be to trick the president into visiting a pirated Web site.
"These are attacks when you visit a Web site, and within seconds, it hacks into your computer and forces it to download viruses," Soghoian said. "In many cases, people get infected by using out-of-date browsers."
Soghoian said he suspected that the likely culprit wouldn't be a hacker who targets computers for notoriety or fiscal gain, but rather a foreign government looking for classified information.
"By and large, the people who are going to do it for reputation aren't going to have the skills to get into Obama's BlackBerry," Soghoian said. "The real threat is not some dude in an Internet café in Russia; it's a team of 60 hackers working for the Chinese government. The threat is state-sponsored espionage."
The possibility of hackers competing to hack into Obama's BlackBerry is an "ongoing danger," according to Bill Brenner, senior editor at CSO Magazine, a publication for security professionals.
"There's no question there are hackers out there who would love to break into his BlackBerry," Brenner told FOXNews.com. "At any given time, you have countless people trying to hack into a politician's BlackBerry, Paris Hilton's cell phone and the Department of Defense's computer network.
"If somebody were to break in," he said, "they'd have big bragging rights, and it's definitely a big target. I would imagine to some people it would be a holy grail."
So far, officials with the Obama administration have been tight-lipped on details regarding his BlackBerry.
Some have even questioned if it is indeed a BlackBerry — or rather a Sectera Edge, an ultra-secure smartphone approved by the National Security Agency.
"Nobody has really said with certainty what device he is actually using," said Randy Sabett, a partner at Sonnenschein Nath & Rosenthal LLP and a former NSA employee. "That right there is an important subtlety. The less information known, the better."
Research In Motion, the Canadian company that manufactures the BlackBerry and routes most BlackBerry e-mail through its own servers, did not respond to repeated requests for comment.
Obama administration officials likely considered the potential risks involved, Mitnick said, and instructed the commander-in-chief to keep his communications bland.
"The question is, what intelligence would you get? He probably has a rule that nothing classified is discussed," Mitnick said. "If he's discussing anything classified, I can guarantee you it's encrypted using an advanced algorithm."
Mitnick, who eluded authorities for three years before being apprehended by the FBI in North Carolina in 1995, warned any potential hacker to consider the consequences before acting.
"The government would go after them full force," he said.
Still, the potential threat to national security remains real, however small.
"There's no such thing as 100 percent security, and anyone who tells you otherwise isn't being honest," Brenner said. "And when you're the president, there's always the danger of someone trying to get to you."