After several years of incarceration in his native Romania, Marcel Lazar Lehel, aka Guccifer, has finally arrived this week in Alexandria, Virginia, to face nine charges of computer hacking. Guccifer, it will be recalled, is the one who revealed the presence of Hillary Clinton’s private server through his hacking of Sidney Blumenthal’s email account.
Catherine Herridge and Pamela K. Browne of Fox point out the interesting timing of his extradition:
Romanian media have reported the [FBI] request came on or about Dec. 29, 2015. That would have been shortly after the intelligence community’s identification of emails beyond “top secret” on Clinton’s personal server, which became public in mid-January.
The extradition of Lehel may be tied in closely to the unraveling of the Hillary email conundrum. He claims to have secreted as yet undisclosed Clinton documents “in the cloud.” He recalls having spent hours reading them and then going “gardening.”
I have no idea how this will all play out, but what I have found truly fascinating is the nature of Guccifer himself and the extraordinary simplicity of his hacking exploits. This man is no genius computer scientist of the type we might find at MIT or the Technion, but rather something of an idiot savant with a touch of paranoia.
A compelling 2013 prison interview with Lehel by fellow Romanian Matei Rosca, a writer now apparently living in London, shows how the hacker — who has no education beyond high school — used no more than educated guess work to break into the email accounts of major American political leaders. It also shows those leaders to be, bluntly, nitwits in their use of cybersecurity.
What Guccifer did was simply figure out their passwords by doing a little simple detective work. In the case of Colin Powell, he surmised the former secretary of state’s password based on Powell’s grandmother’s name and was able to download most of Powell’s emails, attachments and metadata.
I would imagine that most readers of a website like this long ago ceased using easily recognizable phrases like the names of family members for Internet passwords of any significance. It has been pro forma for some years to advise people to use far more complicated PWs on important accounts.
The absurd ease of these break-ins by Guccifer makes the use of the private Clinton server seem all the more like an example of extreme negligence, almost bizarrely so, considering the server was used by one of the highest government officials.
Of course, it’s not clear that Clinton’s emails had such a simplified password, but she was obviously communicating with people who did, like Blumenthal. What this amounts to is a truly dangerous cocktail of arrogance and stupidity.
It’s disturbing (and darkly comic) that Clinton, a graduate of Wellesley and Yale, and Blumenthal, a graduate of Brandeis, could be outed by this bored high school grad in a ramshackle village in Romania that, according to Rosca, doesn’t even have a gas station. (For the record, Lehel comes off in the interview as a bit crazy, anti-Semitic, etc.)
The Republican candidates — assuming they have the brains to be cybersecure themselves in this day and age (not a completely safe assumption) — should be making a tremendous campaign issue out of this stupidity and negligence even if Clinton is not indicted.
Marco Rubio was right when he kept saying Hillary is disqualified as president. Guccifer disqualified her.