(Picture – David Kernell)

* Briefly, explain what happened, what the implications were because this was an email account that she used for work.
* How at risk are you and your friends (have you ever shared a password, did you change it afterwards, etc.)
* What is the potential fallout of someone gaining access to your email account (either locking you out, or just using it on the sly)?
* What steps can you take to improve your password security?

United States of America Republican Vice Presidential candidate and current Governor of Alaska, Sarah Palin, has recently experienced an issue with a hacker breaking into her Internet Yahoo!® e-mail account. This account was not only used for her personal matters, but also to conduct government business. As the hacker discovered personal information about Palin, such as the fact that she met her husband in high school, her date of birth and home zip code, he was then able to change her password, getting access to her email account. Most believed that the intruder had not actually hacked at all since the information was so easy to find throughout the web on Palin, a highly publicized figure in the U.S. press. However, in reality, the hacker did use a proxy service called Ctunnel; people use this service to anonymously access e-mail services such as Yahoo!® Mail or Gmail™ by Google. “Yes I was behind a proxy, only one, if this **** ever got to the FBI I was ******, I panicked, I still wanted the stuff out there but I didn’t know how to rapid**** all that stuff, so I posted the pass on /b/, and then promptly deleted everything, and unplugged my internet and just sat there in a comatose state” stated the hacker.

The hacker’s motive was to simply find discrediting information on the candidate and post screenshots of her account on the web. “I read through the emails… ALL OF THEM… before I posted, and what I concluded was anticlimactic, there was nothing there, nothing incriminating, nothing that would derail her campaign as I had hoped, all I saw was personal stuff, some clerical stuff from when she was governor…. And pictures of her family.” stated the hacker. The police were able to identify the hacker as a 20-year-old student by the name of David Kernell, the son of a Tennessee Democratic State Representative. He now faces charges related to his hacking.

There are many implications to this issue since Governor Palin used the hacked email account for work. Sarah Palin was chosen by U.S. Republican Presidential candidate John McCain to run for vice president and in doing so had many confidential emails regarding both activities. If “off the record” information had been found, this could have impacted the state or the campaign with intrusion. As this was also a personal email account, many personal discussions about friends and family were made known to the public exposing her private lifestyle. However, as hacker David Kernell did not find anything out of the ordinary on Palin, the implications were not as severe.

As a long-time user of a Yahoo!® email account, I have never experienced problems with people accessing my account. But, I have never given out my password or any information viable for access to my personal account to friends. However, I have given a close friend my password to the school’s computer account because she had forgotten her own and needed access to the Internet for a homework assignment. There were no implications of me doing this. Another friend was not so lucky. She shared her school email password with other students, one of which accessed it posting derogatory statements about another student at the school under my friend’s name. The school was unable to find the culprit and therefore was unable to punish accordingly. Like Sarah Palin, I would not post very personal issues when I know that security is always a factor when it comes to the World Wide Web. The lesson learned here is the fact that when we put information, thoughts, ideas, pictures or whatever on the web, we lose control of it and sometimes it may come back to haunt us. So, tighter security and proper password administration is key to reducing risk of hackers.

The potential fallout of someone gaining access to your email account may result in invasion of privacy, endangerment of personal security, and identity theft. Looking at privacy, the individual who gains access to another’s account has access to their personal information, which could be made public. Looking at personal security, an individual once gaining your online information can monitor your whereabouts and potentially cause you emotional and physical harm. Identity theft has been an ongoing problem throughout the web. Once hackers are able to access personal account details from previous purchases including information such as your name, credit card information, and banking details, they can spend your money and ruin your credit.

A password is a sequence of characters that you have to key in to gain access to part of a computer system. To improve my password security I could create stronger, harder, to break passwords not using only words or numbers, recognizable words, words in foreign languages, personal information or invert recognizable words. I also should not write down my password or use the same password for all machines. I should make the password at least eight characters long and mix upper and lower case letters with numbers and non-alphanumeric characters. Finally, I should pick a password I can remember and change it a minimum of once every 3 months.

(http://wikileaks.org/w/images/Sarah_palin_inbox2.jpg) – to see screenshots of Sarah Palin’s email account

If you enjoyed this post, make sure you subscribe to my RSS feed!