Maybe it should be a verb: To be Guccifered. Though maybe, in
Hillary Clinton’s case, it would be better phrased as a crime. As in: “They got her on a Guccifer.”
Guccifer is the nom de Internet of the Romanian hacker Marcel Lehel Lazar. Few people realize it, but the Eastern European anti-hero is why the world knows that Hillary Clinton maintained a private email server while secretary of state. This week he may have made Mrs. Clinton’s road to the White House a lot rougher.
It’s a case study in why governments have rules about online security. Guccifer’s specialty was hacking top officials and their relatives—with an eye toward mayhem and humiliation. He hacked the account of Dorothy Bush Koch and circulated photos of her father, former President George H.W. Bush, in the hospital. He hacked years of Colin Powell’s correspondence, including personal financial information. He went after FBI and Secret Service agents, senators and the wealthy.
In March of 2013, Guccifer released hacked AOL email correspondence of Clinton crony Sidney Blumenthal, revealing numerous memos he’d sent to Hillary while she was the nation’s top diplomat. Mr. Blumenthal had sent these notes to Mrs. Clinton at a private, nongovernmental email address. Security experts tut-tutted about the risks, though the assumption was that Mrs. Clinton used the private account for the occasional interaction with friends or political operatives. It wasn’t until early 2015 that the nation found out Hillary was using the home-brew server to conduct every bit of her state business.
But that timing is by the by. What matters is that Guccifer knew, at least by March of 2013, that the third-highest official in the executive branch of the most powerful nation of the world was using a private server. Does anyone think a man devoted to hacking politicians and Federal Reserve bankers would ignore that opportunity?
In interviews from his federal jail cell this week (he was arrested in 2014 and extradited to the U.S. earlier this year), Guccifer claimed to have easily and repeatedly hacked Mrs. Clinton’s server. “It was like an open orchid on the Internet,” he told NBC News. “There were hundreds of folders.”
Clinton spokesman Brian Fallon went ballistic, claiming that no one should believe “the claims made by this criminal from his prison cell.” He pointed out that Guccifer offered no evidence, and said it was “unfathomable” that the hacker would have accessed Mrs. Clinton’s email and not leaked it. Maybe. Then again, Mr. Fallon has no idea what Guccifer did with his material or why, and the hacker can hardly prove anything from a stripped jail cell.
The bigger point is that an unemployed taxi driver in Romania, using nothing more than a desktop computer, was able to infiltrate Mr. Blumenthal’s account and discover that a woman privy to America’s closest-held secrets was using a home-brew server.
The Chinese are bright—even brighter than Romanian taxi drivers. They employ hackers whose only job is to infiltrate the U.S. government. Those hackers have supercomputers at their service. They have lists upon lists of relatives and friends and aides of powerful people. When they break into accounts, they don’t publicize it.
And yet we are to believe that the Chinese never found their way to clintonemail.com? That they couldn’t even keep up with a freelance hacker? “For me, it was easy . . . easy for me, easy for everybody,” Guccifer told Fox News this week. How easy was it also for those foreign hackers to get to the webmail or home-brew accounts of Clinton aides like Huma Abedin, who took her boss’s lead and operated off the government grid?
An interesting side note to this week’s NBC story: It says that “investigators fully intend to question” Guccifer about Mrs. Clinton’s server. We are a year into the email scandal, more than a month into the Guccifer extradition, and that interview hasn’t yet happened? One might wonder if FBI Director Jim Comey’s server investigation is proceeding with the same alacrity as the bureau’s IRS-targeting non-investigation.
If Guccifer were to offer a single hacked email, there would seem to be little way the FBI could avoid bringing legal action against Mrs. Clinton for negligently keeping sensitive information on her system. But even if the Romanian doesn’t have proof, his story shows that hackers were aware of the setup, a fact that would have made the server a target.
It would have, as it happens, made it a super-target. Foreign hackers have to work hard to crack government locks. Here was a server that lacked a host of cybersecurity experts to guard it, even as it held potential treasure. It was the equivalent of finding Fort Knox with nothing but a bicycle lock on it. Pay no mind to reports that the “server logs” show no evidence of a hack. Logs aren’t definitive.
There’s a reason why the government demands its employees use protected servers, a reason why Mrs. Clinton’s team had to force an exception. Because it isn’t safe. Because there are many, many Guccifers.
Write to <a href="mailto:kim@wsj.com">kim@wsj.com</a>.
Comments
Post a Comment