Pages

23 October 2015

CIA Director John Brennen Still Has an AOL Email Account???

David E. Sanger
October 21, 2015

Nothing Classified or Hip in C.I.A. Director’s Hacked Email

WASHINGTON — For John O. Brennan, the director of the C.I.A., perhaps the worst part of the attack on his private email account was the revelation that until very recently, he used an AOL account.

In a digital world dominated by Gmail, Mr. Brennan’s selection of email providers perhaps did not convey the image of an intelligence director on the cutting edge of communications technology. But the good news for Mr. Brennan is that so far, no classified information appears to have been revealed.

The few documents that have surfaced include a spreadsheet of a guest list, including the names of some government employees and their Social Securitynumbers who appeared to be on an access list, for an event in a government building.

Nonetheless, the F.B.I. has opened an investigation into the claims of a hacker, who approached The New York Post with news of his success and the assertion that he was acting on behalf of Palestinians. He contended that he had also downloaded Mr. Brennan’s disclosure forms for a security clearance, and had carried out a similar hacking of an email account belonging to Jeh Johnson, the secretary of the Department of Homeland Security, the agency charged with day-to-day protection of the domestic Internet infrastructure.

But Mr. Johnson did not actively use the account, officials said, and it may have been given to him as part of a Comcast cable package.

Senior government officials said that the hacking was more embarrassing than damaging, and that it was far less serious than an incursion at the Office of Personnel Management, which says it lost security clearance dossiers for about 22 million Americans, including the fingerprints of 5.6 million.

That intrusion is widely believed to have been executed by Chinese hackers, probably working for the Beijing government. The director of national intelligence, James R. Clapper Jr., refuses to call it an attack because it involved espionage rather than the destruction of data.

By that standard, the theft from Mr. Brennan’s personal account would also not constitute an “attack.” Instead, it was more like vandalism, executed by an occasionally foul-mouthed user of Twitter, where the hacker has posted taunts and occasional screen shots of documents. Most of the documents were old, dating to the days when Mr. Brennan, a former C.I.A. station chief in Riyadh, Saudi Arabia, was President Obama’s top counterterrorism official.

One of those documents suggests that the hacker last had access to Mr. Brennan’s account on Oct. 12, at which point the account appears to have been closed.

The chances of finding the offender and any accomplices seem high. Two Twitter handles associated with the intrusions went dead over the past 24 hours. Twitter will probably receive an order to turn over the Internet protocol addresses from which the hacker was working. Unlike Russian and Chinese hackers, this cyberthief was clearly looking for publicity.

For the federal government, which has been urging people to practice good “cyberhygiene,” Mr. Brennan’s troubles could have been a teachable moment. Many federal agencies urge citizens to change their passwords regularly and use “two-factor authentication,” which requires a code to be sent to a cellphone or another email address before an account can be used remotely.

But the C.I.A. decided otherwise. It did not deny the reports, but it shed no light on how the hacking had happened. “We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities,” a C.I.A. spokesman said.

Accounts in The New York Post and Wired magazine suggested that the hacker, who said he was protesting American policy and encouraging support for thePalestinians, did not appear to have broken any passwords or codes. Instead, he apparently impersonated a Verizon employee and fooled the company’s technical support personnel, using some information about Mr. Brennan to get them to reveal his password and other account information.

That led the hacker to emails that Mr. Brennan had apparently forwarded from his White House account to his personal account.

Mr. Brennan can take heart from one fact: If the hacker got hold of his detailed security-clearance filing, which would date back to 2009, it is probably not the only copy around. The Chinese are believed to have one from the Office of Personnel Management.

No comments:

Post a Comment