Not only do I think that it could make an excellent "Catch Me If You Can-esque" type of movie, but it showed that information security is very difficult when you are up against someone who is skilled at using Social Engineering tactics to exploit arguably the weakest link in the information security chain - people.
One of the best hacks included in the book is when Kevin M. Social Engineers his way to talk to another high profile convicted hacker Kevin Poulson who is serving time in a high security prison. He calls him on the Attorney-Client privileged phone line in the high security prison while Kevin M. is still a fugitive on the run! I won't go into how he pulled this off, but it was pretty dang slick!
Reading this book, made me want to focus more on training people, rather than getting caught up in all the technical counter measures. Don't get me wrong, the technical side is still very important, but all the technical countermeasures in the world don't mean anything if someone can Social Engineer a privileged user to give them their user and password information.
So many Info Sec Professionals focus on zero day exploits, firewalls and IDS. Again, I want to stress that I'm not saying that those things are not important and necessary, but so often Info Sec Pros pay less attention to training the end users on best practices and different innocuous ways that someone can skillfully gather critical information from them. I think training people has the potential to yield better long term Information Security program success.
This real world memoir of the world's most wanted hacker shows that Social Engineering is probably still the biggest threat to information security and organizations around the world.
You can pick up Kevin's book at http://www.amazon.com/Ghost-Wires-Adventures-Worlds-Wanted/dp/0316037702
Here is a link to read some excerpts from the book.
