Who is Guccifer?

Several things have led me to gain a deeper understand of privacy, including intrusive government surveillance, the potential for mischief from those who would do us harm along with simply wanting to be left alone.  But nothing is more disturbing than what hackers can do with your personal information.  An individual named Guccifer stands at the top of the hacker list (I will refer to Guccifer as 'he' for ease of writing though Guccifer could certainly be a she).  The name Guccifer appears to be a mash up of the words of the designer brand Gucci and the devil Lucifer.

This individual is believed to have hacked into numerous email accounts of heads of state, including George W. Bush's sister Dorothy Bush Koch.  He used the account to circulate images of George H.W. Bush in the hospital.  He also broke into Colin Powell's email and even secret service and FBI agents.

These are all high profile targets, with presumably multiple levels of high tech security given their positions.  These security measures are no match for Guccifer.  Not only does he break into whatever he wants, but the FBI can't even seem to track him down, despite of his high profile crimes against government officials worldwide, heads of large corporations and Hollywood personalities.

Guccifer recently made the news again, revealing a whole new crop of people who were hacked by this individual, including journalist Carl Bernstein, Sex and the City author Candace Bushnell, the CEO of MetLife, Steve Kandarian, James Roche, former Secretary of the Air Force, Laura Manning Johnson, a top Homeland Security official who is ex-CIA, among many others including an Obama appointee.  Even fitness star Denise Austin was hacked by Guccifer!

This Smoking Gun article provides more detail of what occurred and who was affected, but we can learn from the mistakes of some of these people.  Some of the mistakes people made:

• People's security questions used to gain access to accounts were correctly guessed by Guccifer.  He reviewed Wikipedia pages on these people to obtain background information on them and used a list of the most common dog and cat names.
• He obtained people's email addresses from their contact lists and then hacked into those.
• He obtained sensitive phone numbers of high level people from hacked accounts where people elected to have their phone bills emailed to them
• He obtain passwords and PIN numbers people had kept in Microsoft Word document per the Smoking Gun website:

Combined, the two [Word documents] (which were found in the “Guccifer” archive) offered free access to accounts with eBay, Netflix, PayPal, Xbox, Amazon, Sprint, Etsy, Facebook, Dropbox, Time Warner, and Skype. Not to mention credit card, banking, insurance, retirement, and frequent flyer accounts. The former G-man’s list even included a three-digit password for a “Gun Lock.”

If he can do this to high level people, how protected are you?

Unless you are a Rockefeller or a UN official, you probably aren't on Guccifer's radar screen, but what about all of the Guccifer wannabes out there who find it challenging and fun to see just what they can hack into and steal from ordinary people?

This is just one reason why privacy is so important and why I started this blog.  While we cannot protect ourselves and our families from everything, we can take simple steps to achieve uncommon privacy.

Privacy Action Plan (PAP) - How to Protect Your Email

PRS - Level 3

• Do not put your real name in your email.  Put your first name and last name initial in the From: field on your emails.  Instead of Albert.Einstein@yahoo.com, choose genius4422@yahoo.com.
• Security questions are there to help you regain access to your account if you forget your password.  Your security questions do not have to be obvious or even true.  You can and should make them up.  Where did you go to elementary school: banana.  What is the name of your dog: meteorology.  What is your mother's maiden name (a particularly terrible security question that can easily be figured out on ancestry.com): 10W30.  Write these answers down on a piece of paper somewhere or commit them to memory.
• Write your contacts down with pen and paper and don't keep them in your contact list.  This is a tough one to do and you should consider the cost/benefit to yourself and your friends' identities for having this information stored online.  There is no better way to prevent your friends' emails from being hacked than to simply delete their information from your contacts write their information down.
• If you have bills emailed to you, pay them, delete them and remove them from your electronic 'trash can'
• Don't keep passwords and PINs in a Word file or any other electronic file.
• Empty your browser history and cache daily.  Your history and cache can be used to steal your identity.
• Disconnect your wifi at night or when away from your computer for long periods of time.  If someone has gained access to your computer, they'll probably use that access at night when you are sleeping so you won't notice.  If the wifi adapter on your computer is off, you are safe from any hacking. 
• I recommend using an offshore email provider, such as Yandex or Autistici as hackers seem to be focused on American company email services like Yahoo, Hotmail, etc.