Web-based e-mail users take note: Use strong passwords. The private e-mail account of Republican vice presidential candidate and Alaska Gov. Sarah Palin was apparently hacked earlier this week, and screen captures of e-mail messages, family photos, and the e-mail inbox were posted on a Web site.
Tracing the Hacker
The alleged screenshots were published on the Wikileaks Web site, which publishes leaked government, corporate and religious documents and protects the identity of the sources. From there, the e-mail spread throughout the Internet.
Hacking into an e-mail account may be punishable by up to five years in prison under federal law. Local statutes may also have been broken.
According to a report in the Register, a proxy server  operated by Ctunnel.com in Fairbanks, Alaska, was used to anonymously attack the Yahoo account. IP addresses from incoming users are allegedly held in cache on the Ctunnel server at another facility in Chicago and could identify the hacker.
In fact, in a post discovered on a hacker-oriented Web site, a user named "rubico" posted, "THIS [hack into Palin's account] was serious business, yes I was behind a proxy, only one ... I didn't know how to [download] all that stuff, so I posted the pass[word], and then promptly deleted everything."
Getting to the Chicago server may not be problematic for the FBI or Secret Service. Charles Silverman, a Chicago-based attorney, said it all depends on whether the government wanted a warrant or a subpoena. "The main difference being that warrants need probable cause, whereas subpoenas merely need reasonable suspicion," he said.
Legal consequences for the hacker may be dire. Silverman said, "If the e-mail search or release was done in a threatening manner, or seemed designed to intimidate or release potential security information, then the Secret Service could make an arrest. If this was done for embarrassment and/or political gain, then it would be solely FBI jurisdiction. I suspect that the Secret Service is part of the investigation to see if there was an attempt to find security information, then the perpetrators would be guilty of the inchoate crime of attempted harm and/or conspiracy to harm."
When we contacted the Chicago facility, an associate at FDC Servers, Peter Karl, had no knowledge of any authorities requesting access. "We have over 3,000 servers here," Karl said. "The authorities would have to contact the server owner. We have no access to their data ."
Worth the Time?
Much scrutiny has been focused on Gov. Palin since her nomination to be the running mate of Republican presidental candidate Sen. John McCain. Last night the McCain campaign released a terse statement condemning the hack.
Reporters at The New York Times, The Washington Post and the Associated Press have speculated about Palin's use of a private Yahoo account to conduct Alaska business, yet the posted e-mails appear to be personal, with no government content. Family photos were also posted on the Internet.
"rubico's" post concluded, "I read though the emails ... ALL OF THEM ... before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped."
|
Social Media and the Customer Experience