As Slashdot tells it, I suspect the email and web hosting providers of just not being secure enough. Network Solutions, in particular, has been plagued with any number of security problems recently. So much so I am surprised to read the attacker took over the site operator’s email to gain access. Thankfully, the folks at Cryptome have a good back up plan and were able to undo the damage.
Wired has some more details in particular from a person who contacted them, claiming responsibility. The alleged cracker offered screen shots of the email inbox of John Young, the founder of Cryptome, and of the file directories on the site’s server. This matches details reported elsewhere but Kim Zetter also got in touch with Young who disputes some of the claims, in particular that any files were destroyed or the volume of snagged info was as large as the supposed attacker claims.
Zetter further explains a connection to WikiLeaks the site’s attacker claims is apparent in the stolen files and emails. Rumors have been circulating recently about discontent withing WikiLeaks, some published, unconfirmed, through Cryptome. The Cryptome intruder claims Young’s email reveals the identities of many of these WikiLeaks insiders. What is more concerning than the eye roll inducing drama is that if the attacker’s claims are creditable, many more sources besides the onces at WikiLeaks may have been exposed.
The Register has a further announcement from John Young, saying he will pursue the vandals who broke into his email and the site. I may be naive, but I read the promise as consistent with trying to protect sources that now may be exposed rather than a knee jerk vendetta.
Cryptome Hacked; All Files Deleted, Slashdot