There’s a lot of news circulating about what an enormous threat hackers pose. This news is validated nearly every day, when a new story emerges about a cybercriminal intrusion on the server of a hospital, business or governmental organization. These days, cybercriminals seem to always have the upper hand and never make any missteps.
But fortunately, hackers are only human, and, like the rest of us, they’re bound to make the occasional security mistake. Such is the case with Jeremy Hammond.
Prolific Hacker Led Life of “Hacktivism”
The first thing to understand about Hammond is that he is — or was — very good at his job. It’s just too bad that he chose to funnel his talents into a practice that is highly illegal.
At a young age, Hammond proved very adept at computers, going so far as to design video games by the tender age of 8, according to Naked Security. But his pursuits became decidedly less harmless as he grew older. As a young man he’d joined the ranks of the so-called “Hacktivists” — people who hack in the service of a higher good (or at least what they consider as such). For Hammond, the impetus for his hacking was a desire to hold politicians and other figures of authority to task.
“From the start, I always wanted to target government websites, but also police and corporations that profit off government contracts,” he told the Associated Press’ Martha Mendoza during an interview at the Kentucky prison where he’s serving his sentence. “I hacked lots of dot-govs.”
The problem posed by Hammond and others targeting governmental organizations isn’t something those groups take lightly. As Mendoza pointed out, the federal government spends $10 billion annually to protect the integrity of its computer systems, and a chunk of that allocation goes toward catching people like Hammond.
After Hammond exposed data from a U.S. security think tank called Stratfor, the hunt was on for him. According to authorities, the Stratfor hack had cost millions of dollars and also jeopardized the security of many people, and somebody needed to answer for it.
Authorities busted down the door of Hammond’s home in Chicago in March 2012. Charged with the Stratfor hack, Hammond will be in prison until at least 2020. In his days of confinement, Hammond has more than enough time to ask himself some important questions. Among these is one that’s particularly interesting: “How did I get caught?”
Welcome to the Worst Password Club
However, Hammond claims that the answer to this question wasn’t particularly hard to come by. Sure, federal records are confidential, and therefore there’s no way of knowing exactly how authorities nabbed Hammond. But that hasn’t prevented him from coming up with the most likely answer — that they were able to guess his shockingly simple password.
You see, for all his hacking ability, Hammond apparently didn’t give too much consideration to the security of his own computer system. If he had, then he probably wouldn’t have made the password to his encrypted computer “Chewy 123,” which, as ars technica pointed out, was the name of his cat.
When Hammond revealed this absurdly easy-to-guess password to the AP’s Mendoza, she observed that he looked down at the floor in shame as he admitted that “My password was really weak.” For all the mistakes he’s made in the hacking realm, this response to his own password error seems entirely appropriate.