Will Guccifer Upend Hillary?
After several years of incarceration in his native Romania, Marcel Lazar Lehel, aka Guccifer, has finally arrived this week in Alexandria, Virginia, to face nine charges of computer hacking. Guccifer, it will be recalled, is the one who revealed the presence of Hillary Clinton's private server through his hacking of Sidney Blumenthal's email account.
Catherine Herridge and Pamela K. Browne of Fox point out the interesting timing of his extradition:
Romanian media have reported the [FBI] request came on or about Dec. 29, 2015. That would have been shortly after the intelligence community’s identification of emails beyond “top secret” on Clinton’s personal server, which became public in mid-January.
The extradition of Lehel may be tied in closely to the unraveling of the Hillary email conundrum. He claims to have secreted as yet undisclosed Clinton documents "in the cloud." He recalls having spent hours reading them and then going "gardening."
I have no idea how this will all play out, but what I have found truly fascinating is the nature of Guccifer himself and the extraordinary simplicity of his hacking exploits. This man is no genius computer scientist of the type we might find at MIT or the Technion, but rather something of an idiot savant with a touch of paranoia.
A compelling 2013 prison interview with Lehel by fellow Romanian Matei Rosca, a writer now apparently living in London, shows how the hacker -- who has no education beyond high school -- used no more than educated guess work to break into the email accounts of major American political leaders. It also shows those leaders to be, bluntly, nitwits in their use of cybersecurity.
What Guccifer did was simply figure out their passwords by doing a little simple detective work. In the case of Colin Powell, he surmised the former secretary of state's password based on Powell's grandmother's name and was able to download most of Powell's emails, attachments and metadata.
I would imagine that most readers of a website like this long ago ceased using easily recognizable phrases like the names of family members for Internet passwords of any significance. It has been pro forma for some years to advise people to use far more complicated PWs on important accounts.