Marcel Lehel Lazar, of Arad, Romania, goes by the handle Guccifer. In a jailhouse interview with Fox News, Lazar claimed to have repeatedly compromised Hillary Clinton's email server in 2013.
While his claims are attention-grabbing, as indicated by the number of news organizations covering them – mostly because Clinton is running for President and the circumstances of her email server are concerning to some – none of them can be proven.
The Fox News story goes into a lot of detail about how Lazar hacked Sidney Blumenthal's AOL account in 2013, and how from there he used IP addresses to track at least 10 other people to a server maintained by Clinton.
While it's true that the existence of Clinton's private email server is only public information because of the Blumenthal hack, that doesn't mean everything Lazar says about the topic should be taken as fact with no checking. He's a criminal with an ego to feed; I think a bit of skepticism is warranted here.
Lazar's claim to fame is essentially acting like a D-list hacker and compromising poorly defended email accounts (AOL) used by the sister of President George W. Bush and by Colin Powell. He's also hijacked some Twitter feeds, but again – everything he has done is low-level stunt work. He isn't some hacking mastermind that threat intelligence vendors would label a walking APT.
Lazar said he accessed Clinton's email server twice, adding that it wasn't very interesting. However, when asked to describe how he hacked the server, he didn't answer. Instead, the story talks about IP scanning, and even then Lazar wouldn't share what tools were used.
From the story:
"Lazar emphasized that he used readily available web programs to see if the server was “alive” and which ports were open. Lazar identified programs like netscan, Netmap, Wireshark and Angry IP, though it was not possible to confirm independently which, if any, he used."
Which is it: he said those are the tools used, or he just named random programs with cool-sounding names, but no one knows what they are or how they work?
Here's a hint: aside from establishing that a server exists, which ports are open, and possibly capturing traffic coming from the server itself, none of the tools listed would allow Lazar to break into your email server.
It's a long-shot bet to assume he captured credentials with Wireshark, but that's also assuming he used it. What Lazar is talking about is profiling a server, but profiling doesn't mean he hacked it.
If anything, it means he would know what would be required if he were planning to compromise it.
Ironically, Lazar warned Fox News that people in "this community" (assuming he is talking about the hacker community) "make up stories and it's hard to tell what's really true until you get into the forensics information and get hard facts."
Well, so far, the "hard facts" say he was never in that server. Remember, a while back the FBI said an examination of the server's logs showed no sign of compromise.
Again, the Fox News story rehashes a lot of the information already known about Lazar and the 2013 hack that exposed the Clinton server to the public. It spends some time hinting that Clinton might be under investigation too, but otherwise, there isn't anything else. All we have is a random list of tools, an inmate's claim that he did something, and rehashed information from three years ago.
The other big question: if Lazar did access Clinton's emails, why didn't he leak them?
He made a big deal over a self-portrait painted by President Bush (so did the media), but the Secretary of State's email server is boring?
I don't buy it. The better bet is that Lazar is just grabbing for some extra attention, capitalizing on the sensationalism that is surrounding Clinton due to the campaign and her email server.
If Hillary Clinton broke the law, she should be punished for it. But I'm not going to assume guilt because a man in prison – who can't even confirm minor basics – says so.