Someone should start thinking about Hillary here

Federal investigators are examining claims that high school students hacked CIA director John Brennan’s personal email account and published identifying information for more than 20 alleged CIA personnel.

On Monday the hackers released a spreadsheet allegedly from Brennan’s account that included the alleged CIA employees’ clearance levels, email addresses, phone numbers and social security numbers.

Former National Security Agency technical director Jasper Graham said the highly embarrassing breach of Brennan’s email was likely a “social engineering” attack, in which personal information supposedly only the account holder would know is used to break in.

“Social media has enabled this to the nth degree, because a quick profile search and a friend request and then LinkedIn can get you enough information to start resetting things. All the providers, whether it’s credit cards or banks, have to have something else in place.”

If they can hack him then how easily could they have hacked her private email server?

If anyone knew of its existence of course. But then anyone who ever received an email from her would know that, right?

15 thoughts on “Someone should start thinking about Hillary here”

  1. So Much For Subtlety

    The American Left and the mainstream media, (I repeat myself I know), have decided there is nothing to see here and it is time to move on.

    Laws are for little people. Not for the Clintons. Who continue their life time of law breaking and general immorality. I expect President Clinton will tell her Attorney General (I would guess Johnnie Cochran, dead or not) to charge him.

  2. Not really. You can legitimately set up email so that it appears to come from a different domain as long as you have appropriate access to the domain from which you want the email to appear to come. So an email initially sent from [email protected] could appear to come from an email address in the gov.us domain.

    In fact this can often be done without the appropriate access but sometimes (perhaps often) it gets trapped by anti-spam measures. This technique, as you might guess, is used by spammers and other criminals to try to fool you into thinking an email comes from, eg, the bank when it is actually a fishing attack.

  3. “Social media has enabled this to the nth degree, because a quick profile search and a friend request and then LinkedIn can get you enough information to start resetting things. All the providers, whether it’s credit cards or banks, have to have something else in place.”

    I don’t even know where to start with this story but

    a) resets come to your account or to another account you control b) if you’re the CIA director what the fuck are you doing on sites like LinkedIn, and what the fuck are you doing accepting friend requests from any Tom, Dick and Harry c) what in the name of fucking fuckity fuck fuck are you doing with anything work related on your personal email if you’re the head of the CIA, especially what is clearly unencrypted files.

    The guy should be fired. No redundancy, no pension. He clearly has no fucking clue about intelligence in the modern age.

  4. JonD,

    Anybody who is capable of even the most basic hacking would just look at the SMTP header, which would uncover the trivial masking you suggest.

  5. Surreptitious Evil,

    Of course they would. I wasn’t trying to suggest that it was a sophisticated disguise. I was simply responding to “anyone who ever received an email from her would know that”.

    How many of the sort of people that Hillary would be sending email to do you think would be “capable of even the most basic hacking” ? Very, very few, I suspect.

  6. It doesn’t need everyone to know it. It only needs the right people to know.

    As for CIA staff on social media, LinkedIn etc – lol. The gap between the CIA portrayed in films and on TV and the CIA in reality seems to be quite large.

  7. To SMFSs point, here are recent milestones in US ‘cybersecurity’:
    1. The head of the IRS was issued a shiny new reimaged laptop an hour after her old one crashed.
    2. The head of the CIA did not use LinkedIn, Facebook, or any other public service.
    3. clintonemail was hacked by the Russians and Chinese from the time it was registered.
    4. The Chinese hack of the OPM obtained the 120-page security clearance dossiers of over 20 million US citizens.
    The US media lied about items 1,2, and 3 and quickly lost interest in 4.
    Odd that.

  8. No one will bother about Killary Rugmunch.

    The Federal tyranny will be too busy wanking themselves into a frenzy demanding that 2000 years of jail time be handed out to the teenpunks who did the hacking.

  9. Former National Security Agency technical director Jasper “Graham said the highly embarrassing breach of Brennan’s email was likely a “social engineering” attack, in which personal information supposedly only the account holder would know is used to break in.

    “Social media has enabled this to the nth degree, because a quick profile search and a friend request and then LinkedIn can get you enough information to start resetting things.”

    Uh, if the *director of the CIA* has such sloppy OpSec to be leaking that stuff on his *social media* account – then he got exactly what he deserved.

    I mean, its not like this sort of thing is some *new* technique, social engineering itself predates anything resembling hacking.

  10. The ‘hacker’ Kevin mittnick mainly dealt with social engineering. One of his early hacks was talking to bus drivers on the local system, he said many people will talk to an interested teenager and divulge information. Ended up with him finding out where to get hold of a punch machine for transit tickets so he was able to pick old tickets from the trash and reuse them.

  11. So Much For Subtlety

    Former National Security Agency technical director Jasper Graham said the highly embarrassing breach of Brennan’s email was likely a “social engineering” attack, in which personal information supposedly only the account holder would know is used to break in.

    He fell for the Paris Hilton flaw! Bloody hell, it is worse than you think. Paris Hilton, of course, has dozen of Facebook pages of her with her lap dog Tinkerbell (or whatever). Meanwhile the “safe” question on her e-mail is “What is the name of your dog?”

    I expect Ms Hilton to be that stupid, but the director of the CIA?

  12. Bloke in Costa Rica

    Given that Clinton’s shonky email server was left with a publicly accessible VNC/RDP port I think it is overwhelmingly likely that it was penetrated by foreign intelligence services. That betokens a lack of awareness of basic security that is quite remarkable. The gofer that set it up seems to be have been lackadaisical and oddly incurious about hardening the system against intrusion.

Leave a Reply

Your email address will not be published. Required fields are marked *