He was hacked by Kevin Mitnick in the '80s and recently had his identity stolen - but Lynch still has hope for making security strong and usable

When law enforcement officials had Kevin Mitnick in their sights for the second time in the early 1980s, Dan Lynch was awakened by a phone call at his home at 2:00 a.m. asking if he would press charges against Mitnick upon his arrest. Lynch, who was then a director at the University of Southern California’s Information Sciences Institute in Marina Del Ray, said yes.

“He was lurking on campus at SC and breaking into our system then,” Lynch recalls. “There were open computers laying around... Those were the systems he used to do his deeds.”

Lynch, 66, the renowned TCP/IP and Arpanet pioneer who founded Interop in the 1980s, says Mitnick’s capers back in the day were different than those of black-hat hackers today. “There was no money to be had in those days” for hacking, he says.

Lynch knows firsthand how all that has changed today: He’s a recent victim of identity theft and has spent the past few months dealing with the headaches and stress of ironing out fraudulent bank accounts and credit card charges that included everything from three consecutive days’ worth of Godiva chocolate and men’s clothing purchases at a Macy’s in Reno, Nev., to his new credit card account number being stolen before he had even received it himself.

“Before I got my new one [credit card] in the mail, there were fraudulent charges on it,” he says. “It turns out someone had opened up a bank account in my name and was getting notification of my new card. So I had to bring my Social Security card, a utility bill, and my driver’s license to Bank of America to prove I’m Dan Lynch.”

Lynch admits he hasn’t always been lucky in security. “I have co-founded a handful of security companies over the past 15 years, and none turned out to be barn burners. We either flubbed it up or the world didn’t want to pay much for security.”

Among his past security investments was the now-defunct Cybercash, whose technology today is being used by PayPal, which purchased the technology from VeriSign, which initially bought Cybercash’s assets and name when it went bankrupt in 2001. Cybercash was a case study in how even the most secure technology isn’t always marketable: “We built all this security into Cybercash to make is super-secure. Nobody cracked it. But no one could figure out how to use it."

Making security usable is the key strategy behind one of his latest investments -- startup Usable Security Systems, whose founder and CEO Rachna Dhamija is well known for her human factors research at Harvard University. Usable’s technology is still under development. “Her [Dhamija's] slant is that it’s not just the technology, but the usability,” Lynch says.

“The elevator pitch is you have one logon to get to all Websites and it’s super-secure."

Lynch also helped found Sana Security, which aims to detect malicious code that antivirus products don’t catch, including bots and unknown Trojans. He has also invested in a startup called Iterasi, which is beta-testing its product that “notarizes” live Web pages to preserve and save them as-is and securely stores them. “It’s for compliance stuff... and for proving you read and saw something,” Lynch says. “It’s a special kind of bookmark.”

Security isn’t easy to monetize, he says. “Everyone wants it but no one is willing to pay much for it. And even if you have a security solution, getting it adopted usually means a serious change to something someone’s doing.”

But you won't find Lynch at Interop this week in Las Vegas. He sold off the business in 1990 and it changed hands several times (Interop is now owned by TechWeb, a division of United Business Media, the parent company of Dark Reading), and Lynch hasn’t attended an Interop show since 2000 when he and Vint Cerf were invited to speak on a panel about the Internet’s evolution. He says he doesn’t typically follow the show anymore, but he does miss the days when Interop was “by nerds, for nerds."

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message.

About the Author(s)

Kelly Jackson Higgins, Editor-in-Chief, Dark Reading

Kelly Jackson Higgins is the Editor-in-Chief of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise Magazine, Virginia Business magazine, and other major media properties. Jackson Higgins was recently selected as one of the Top 10 Cybersecurity Journalists in the US, and named as one of Folio's 2019 Top Women in Media. She began her career as a sports writer in the Washington, DC metropolitan area, and earned her BA at William & Mary. Follow her on Twitter @kjhiggins.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights