During a police raid in March 2012 he raced through a friend's Chicago home to shut and lock his laptop.
"My password was really weak," Hammond said from Manchester Federal Prison.
That password according to one password strength tool had 25.6 bits of entropy and was graded as very weak. It was made weaker still given that passwords of a personal nature made guessing easier.
Hammond, who was undone by fellow LulzSec hacker turned FBI informant Hector Xavier Monsegur, was sentenced to the maximum 10 years prison under his guilty plea deal.
Hammond says the Stratfor hack involved a dozen people, including the still-unnamed instigator. A cache of 5.2 million emails and account data on 860,000 people, along with 60,000 credit cards, leaked to the web.
It revealed alleged surveillance by the intelligence contractor on Occupy Wall Street protesters, explosive diplomatic and military allegations including that Israel and Russia exchanged drone and missile codes sold to Georgia and Iran, and corporate spying on activists.
Hammond recapped his motivations for his activism and later hacking of corporate and government infrastructure and pondered the harm brought by trained state-sponsored hackers considering the damage done by the small but talented LulzSec hacker outfit.
"If I was capable of doing these things on my own or with my team, what about a well-financed team that trained for years?"
No comments:
Post a Comment