More evidence is being unearthed on the sophisticated cyber-burglary of more than 1,000 emails from the Climate Research Unit (CRU) that sheds light on who did the stealing and why.

An interesting post on IT–NETWORKS picks apart what is currently known about the hack job and what it can tell us about the identity of the hacker and their motivations.

Forensic data analysis reveals that the hacker was in a time zone somewhere in the eastern US or Canada. Rather than a single breach of security, the hacker was also able to access confidential CRU on four different occasions over a six-week period.

The IT–NETWORKS analysis also points out that only a small portion of the emails stolen was actually released. The hacker took the trouble of sifting out all the routine messages about holidays and fire alarms and possibly much more.

What was removed remains unknown but clearly the hacker was trying to discredit legitimate scientists and presumably discarded whatever would not help the contrived scandal of “climategate”.

The hacker also focused specifically on four scientists who had long been the targets of US based climate deniers because their peer-reviewed scientific papers had been used to back the IPCC’s reports on global warming.

Out of dozens of researchers at the CRU, 95% of the 1,073 emails released were sent or received by Phil Jones, the head of the CRU

After the final batch of emails was stolen on the eve of the COP 15 conference, the hacker then broke into the Real Climate site, disabled access from the real administrators, and tried to post a fake story that climate change was all a myth.

All of this indicates that the hacker was no 14 year old in their parents basement but a professional with an agenda. Sir David King, the UK’s former chief scientist, concluded the complex theft was the work of US-based climate deniers backed by carbon money or a foreign government.

“It was a sophisticated and expensive operation. In terms of the expense, there is the American lobby system, which is a very likely source of finance. Right now, the American lobbyists are a very likely source of finance for this, so the finger must point to them,” he said.

King also speculated that foreign governments may have carried out the breach.

“Quite simply, it’s the sophistication of the operation. I know there’s a possibility that they had a very good hacker working for these people, but it was an extraordinarily sophisticated operation. There are several bodies of people who could do this sort of work. These are national intelligence agencies and it seems to me that it was the work of such a group of people,” he said.

As more information comes to light, the individuals behind this operation must be getting worried that their identities, funding and motivations will be revealed. We will keep you posted as this unsavory story unfolds.