One would think that the Hillary Clinton’s email scandal would teach important people not to store sensitive data in their email boxes. Apparently not. CIA director John Brennan felt secure enough to leave a bunch of top secret documents lying about in his mailbox, including his 47 pages long application for receiving access to these documents. What’s worse – it actually included the Social Security numbers of over a dozen other CIA officials. It also included a reprimand from the government on the use of “harsh interrogation techniques” on suspect terrorists.
How do we know all of this?
The hacker, who claims to be an american teenager that is not of Muslim origin contacted The Post to boast about his successes, which include posting a few of the stolen documents, as well as a list of Brennan’s contact list on Twitter.
He did not reveal his name, but gave proof of his accomplishments by tweeting “CWA owns John Brennen of the CIA” over the @phphax Twitter account. According to the hackers “CWA” stood for “Crackas With Attitude,” which apparently refers to himself and another classmate.
Despite his claims of not behind Muslim the hacker’s Twitter page contains the Muslim Shadaha creed, which roughly translates as “There is no God other then Allah and Mohammed is his messanger”. The stolen documents were stored as email attachments to about 40 emails, which he was able to read when he infiltrated Brennan’s account on the 12th of October. It’s ironic, because that’s over 6 months past after Clinton’s questionable decision to use a private computer server to handle emails while serving as secretary of state blew in her face.
Being a teenager the hacker used an old and tested method called “social engineering”. Rather then testing his computer skills against the defenses of the mailbox (and almost certainly failing) the hacker first contacted Verizon. It convinced the customer service employee to provide him with Brennon’s personal information. Afterwards it was a cakewalk for him to trick AOL into resetting the mailbox’s password to a new one, which he had sent to himself.
If we are to believe his final boasting words he played tricks on Brennon since August, once even reciting his Social Security number to him over the phone. Apparently the agent just “waited a tiny bit and hung up”, but made to attempts to persue the issue. Also the hacker supposedly also sneaked into the online Comcast account of Jeh Johnson (Homeland Security Secretary). He then posted a redacted screenshot of one of his billing pages and also claimed to have listened to some of his voice mails.
Did it really happen?
Considering the fact that we are talking about a possible breach into the CIA itself little information is forthcomming about the validity of the hacker’s claims. The official CIA statement is “We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities.” which pretty much tells us nothing.
Apparently there is a source within Law Enforcement that commented on the situation.
“I can’t believe he did this to the head of the CIA,’’ and also “[The] problem with these older-generation guys is that they don’t know anything about cybersecurity, and as you can see, it can be problematic.”
It is, of course, entirely possible that all of this is a machination to discredit the CIA and make it appear inept. However, we find that hard to believe, especially after the revelations given to us by Edward Snowden, who was also a former CIA operative. Whether such a security breach really happened we will likely never know for certain, but the we certainly find the notion that the director of the most well funded intelligence agency in the world got hacked amusing. If you ever get your email hacked don’t be so angry at the host providing the service – after all if a CIA director has his hacked then nobody is ever safe for certain!