Finding computer intruders is not an easy job, unless they make a mistake.
By Friday, investigators and amateur sleuths had quickly found that the person who illegally accessed the Yahoo e-mail account of vice presidential candidate and Alaskan governor Sarah Palin apparently made at least two errors. First, most of the unique address generated by the CTunnel proxy service is visible in the screenshots the intruder uploaded to Wikileaks, allowing authorities to subpoena the service and get the data from its administrator, Gabriel Ramuglia, the 25-year-old operator of CTunnel, told The Register. Second, in a posting to an online forum, the hacker used a Yahoo e-mail address that appears to point back to a Tennessee college student, the son of a Democratic lawmaker.
The alleged hacker, using the name "rubico," stated that he used Internet searches to discover the answers to three questions used by Yahoo's e-mail password recovery service. The e-mail messages the intruder found in Palin's account did not pertain to government business, he added.
"I read through the emails ALL OF THEM before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped," rubico stated. "All I saw was personal stuff, some clerical stuff from when she was governor. And pictures of her family."
The e-mail account used to post the message, firstname.lastname@example.org, belongs to a 20-year-old college student, David Kernell, the son of Tennessee State Rep. Mike Kernell, according to an article in The Tennessean.
Political hacking is not an uncommon occurrence. In 2004, a report found that two Republican Senate staffers had taken advantage of a misconfigured server used by Democratic members of the Senate Judiciary Committee to steal at least 4,670 files over a year and a half. In 2006, online activists managed to download a copy of the company's electronic-voting system code and submit it to election officials and security experts for analysis.
Posted by: Robert Lemos