ADVERTISEMENT
latest stories:

Hackers hit Palin, expose the dangers of using personal e-mail to conduct business

While it's hard to imagine President Bush, Vice President Cheney or Republican presidential candidate John McCain spending much time on (or even having) a personal e-mail account, the newer generation of politicians are as plugged in as the rest of us. In fact, just how much they use e-mail for official business is fast becoming an issue in this election as the campaigns head into the homestretch.

To wit: hackers broke into the Yahoo! e-mail account of Republican vice presidential nominee Sarah Palin and plastered personal photos, several messages, and Palin's e-mail contact list on a site called Wikileaks.org, the site reports. This is the same site that a federal judge in San Francisco in February wanted to disable to prevent it from continuing to publish confidential information.

Although the hacker (or hackers) have not revealed his/her/their identities (the data was sent anonymously to Wikileaks.org), it's pretty clear the intent was to punish Palin for, as the New York Times reported this weekend, using her Yahoo! e-mail account to conduct state business in Alaska.

McCain campaign manager Rick Davis in a statement called the hack a "shocking invasion of the Governor's privacy," but there's nothing shocking about it at all. Palin's Yahoo! e-mail account is protected by a Yahoo! ID (which is the same as her e-mail address) and a password. If someone were to figure out that combination, they would have full access to all of her Yahoo! e-mails. As writer Herbert Thompson demonstrated last month in a Sciam.com article, "How I Stole Someone's Identity," someone committed to hijacking a person's e-mail account can do so without breaking much of a sweat.

Alaska's state government has an e-mail system for its employees, and there's a reason those employees should use it while on the job. This e-mail is better protected than standard Yahoo! or Google e-mail accounts (visitors to Gov. Palin's official Web site can send her e-mail through a template on the site—they are not given her actual e-mail address). Unless you work for the government, most people probably couldn't even get to the log-on screen to access state employee e-mail accounts. In contrast, anyone can log onto Yahoo! from that company's main site.

Of course, it would be very difficult to keep a skilled hacker from accessing most information (a group of hackers calling themselves the "Greek Security Team" penetrated computer systems inside CERN's Geneva, Switzerland, facility, where the world's biggest particle accelerator is housed). In fact, while I was doing the basic research for this blog post, Wikileaks itself was hacked. When clicking on the link to the latest on the Palin story, I was taken to a page that read: " I NOW HACK THIS WEBSITE! AREN'T YOUR PROUD OF ME, WIKILEAKS. I CAN PLAY YOUR GAME TOO!!!" Is nothing sacred?

(Image courtesy of iStockphoto; Copyright: Alex Slobodkin)

 

Share this Article:

Comments

You must sign in or register as a ScientificAmerican.com member to submit a comment.
Scientific American Holiday Sale

Limited Time Only!

Get 50% off Digital Gifts

Hurry sale ends 12/31 >

X

Email this Article

X