CIA Director Email Hacked by Teen

CIA Director Email Hacked by Teen

Earlier this week, a self-proclaimed hack going by the persona “Cracka” hacked the personal email accounts of none other than Central Intelligence Agency director, John Brennan. This latest embarrassment has further shown what the state of cyber-(un)security is like for the US government.
This teen who described himself to the New York Post as a “non-Muslim teenager” who was upset at the US governments support of Israel over Palestinians in the middle east. He went further to say how he socially engineered Verizon and AOL to give him the data required to reset his password, which is common tactic used by anyone wanting to hack into someone’s email for social media account.

The ability for an inexperienced teenager to be able to hack the account of one of the most prominent figures in the intelligence world highlights the problems with storing sensitive data on a public facing server. Granted this email account wasn’t a government email server, it still shows that documents such as a top-secret clearance application which had all of his personal details and presumably wasn’t encrypted. Per Al Jazeera, “For Brennan, was it negligence, hubris, or a belief that the rules didn’t apply to him? Of all people, he should know that there’s a silent, secret cyber war happening right now involving not just millions, but billions of accounts.”

All of the documents the teenager was able to pull off of the account were dumped onto Wikileaks on Wednesday and “began publishing documents from Brennan’s non-government email accounts” (Al Jazeera/Maktoob/Yahoo News). The CIA had little to say about the matter, stating that “We are aware of the reports that have surfaced on social media and have referred the matter to the appropriate authorities” and CIA director Brennan hasn’t commented on the matter as of yet.

Per Wired, The emails are available on Wikileaks, but we will not be posting a link.

Other High Profile Breaches:

Experian (includes T-Mobile)
Scottrade
Trump Hotels
Tesla and Chrysler (unrelated to each other)
Apple App Store
U.S. Office of Personnel Management (OPM)
Kaspersky & FireEye (unrelated to each other)
Excellus Blue Cross Blue Shield
Ashley Madison
Ashley Madison (follow up)


Thanks for stopping by and reading our blog. We would appreciate if you could subscribe (assuming you like what you read; we think you will). This is meant to be informative and to provide value to anyone who reads this – regardless of their knowledge and/or understanding of IT/Cybersecurity. To learn more about us, check out our “About Us” page.

Be sure to subscribe to this blog and to our Podcast.

If you have ANY Cybersecurity needs, please contact us and a member of our staff with promptly reply to your question or concern.

References

Al Jazeera/Maktoob/Yahoo News
New York Post
Al Jazeera
Wired


Enter your email address:


Delivered by FeedBurner


Subscribe to our mailing list

* indicates required







About Matthew Eliason

Matthew Eliason was born in Houston, Texas.  Upon graduating from high school, he joined the Navy.  His first tour was as an Information Systems Technician of a 130 client DOD network where he developed the documentation and maintenance procedures from 2007-2012.  In 2012, he transferred shore duty where he serves as a system and security administrator.

He graduates with a Bachelor’s of Science in Information Technology from American Military University in November of 2015. He holds the CompTIA Security+ certification and has extensive experience in DOD Information Assurance (IA) and Cyber Security compliance and procedures.  He enjoys golf, hiking, watching football in his spare time.