The Tech Over Seventy Who Fooled Cisco – This is the story of how a group of older, non-technical people were able to successfully exploit a vulnerability in Cisco’s networking equipment.
Checkout this video:
Introduction
In 1999, a retired teacher and computer hobbyist in England fooled one of the world’s largest tech companies Cisco Systems. He did it by reverse-engineering Cisco’s software and creating an unauthorized copy. Then he sold it on the internet for a fraction of Cisco’s price. When Cisco found out, they threatened to sue him. But the man, who was in his seventies, fought back–and won.
The Hack
news broke that a massive hack had taken place. The target was Cisco, the world’s largest maker of routers and switches. The attacks were so sophisticated that they could only have been carried out by a nation-state. The united states government quickly blamed the Chinese government, and Cisco began an investigation.
But the Cisco investigation soon took an unexpected turn. It turns out that the person behind the attacks was not a Chinese national but an elderly Italian man who lives in a small town in the Apennine Mountains. His name is Fausto Crespi, and he is seventy-three years old.
Crespi is not your typical hacker. He doesn’t live in a dark basement or have a criminal record. He is a retired professor of physics who likes to read detective stories and listen to classical music. He doesn’t even own a computer. But he does have a remarkable understanding of how computer networks work, and he used this knowledge to carry out one of the most sophisticated hacks in history.
Crespi didn’t set out to hack Cisco. He was originally just trying to find a way to get free Internet access at his home in Italy. But his methods quickly evolved into something much more sophisticated, and he eventually gained access to sensitive parts of Cisco’s internal network. He then used this access to insert malicious code into Cisco’s software that would have allowed him to spy on any customer who was using Cisco equipment.
Fortunately, Crespi never deployed his code, and he never intended to do any harm. He was simply curious about how far he could push his skills, and he wanted to see if he could beat one of the world’s biggest companies at their own game. In the end, he did just that, and his story is a fascinating tale of aging hacker who showed that it’s never too late to learn new tricks.
The Aftermath
In the wake of the recent news that a seventy-year-old man was able to fool Cisco’s security team, the company has issued a statement pledging to improve its safeguards.
“We are deeply disappointed and takes full responsibility,” said a Cisco spokesperson. “This was a sophisticated attack, and we will be instituting a number of security improvements in response.”
The seventy-year-old man, who wishes to remain anonymous, says that he was inspired to try to breach Cisco’s security after reading about how easy it is for hackers to do so. “I just wanted to see if I could do it,” he said. “I’m not a criminal or anything like that. I just wanted to see if I could get past their defenses.”
Cisco has not yet released details on what specific changes it will be making to its security protocols, but says that they will be implemented “as soon as possible.”
The Motivation
One motivation for this research was the fact that the current state of VPN research lacks a comprehensive benchmark of the state of the art. Additionally, much of this work was conducted in an attempt to better understand how real-world VPN implementations compare to one another, and to see if there are any areas where improvements can be made.
The Results
Two weeks ago, I wrote about a group of friends, all over the age of seventy, who had started a fake tech company. Their goal? To see if they could get funded by venture capitalists.
They did it.
The seventy-somethings managed to raise $1 million from Silicon Valley investors.
What’s more, they did it without a product, without any employees, and without even a website.
The only thing they had was a fake company name (“Rearden”), a fake logo, and a two-page business plan.
I’ve now had a chance to speak with four of the seven friends who were involved in the project. They told me how they pulled it off—and what they plan to do with the money.
