Whistleblowing site hacked

A whistleblowing site has been hacked and defaced and all its 54,000 files deleted.

Cryptome said that that blocking attacks is nearly impossible due to the purposefully weak security of the Internet.

In a statement it said that “Nearly all security methods are bogus. A competent hacker or spy, or the two working together, can penetrate easily. We monitor and keep back-ups ready. And do not trust our ISP, email provider and officials to tell the truth or protect us.”

And we thought we were paranoid.

Cryptome has revealed the steps the hackers used. First, its EarthLink email account was accessed and its access password changed. Using that email address, the hacker asked for information about Cryptome’s multiple accounts. The Cryptome.org management account was accessed at Network Solutions (NSI) and all “54,000 files (some 7GB) were deleted and the account password changed.”

Cryptome discovered that something was up when it could not gain access to email or its NSI account.

After placing a call to NSI, Cryptome had all files restored except for the previous two days. After chatting with EarthLink online support, email access was restored and NSI emails were received about the management account changes.

The question is, who could have done such a thing? One of the key suspects would have to be China. Cryptome CN publishes information, documents and opinions banned by the People’s Republic of China. But when you publish secrets, you make a lot of enemies. Just as Wikileaks has.