As reported in the article, "Cyber Attackers Instigate Enormous Climate Data Hack", the climate data hackers who exposed more than a thousand emails from one of the premiere climate research facilities in the world to the general public remain at large up to the present. However, they've left clues to their whereabouts as obvious as the breadcrumb trail left by the Hansel and Gretel siblings in the age-old classic fairytale.

Specifically, although the climate data hackers had used open proxies to cover their digital tracks, authorities still have many other tricks up their sleeve in order to catch these virtual villains. Errata Security's very own CEO of Penetration, Rob Graham, stated in his investigation that the hackers utilized three open proxies when they released the sixty-one megabyte zip file of email addresses belonging to the Climate Research Unit (CRU) staff of the University of East Anglia.

CRU authorities announced that they've requested for police assistance in their investigation into the unauthorized climate research data leak of internal documents. As an aside, open proxies have long been a popular method used by normal, everyday Internet surfers (not just hackers) to hide their online identities, or at least their IP addresses. A proxy's ability to channel web requests through a third-party server enables users to make websites see only the IP address of the proxy instead of the actual IP address wherein the request originated.

If Graham's research proves to be correct, then the hackers who posted the leak could very well be a lot "greener" than initially thought, because open proxy use is hardly a foolproof plan to cover one's tracks. For instance, the ClimateAudit post that the climate data hackers submitted came from an open proxy from Russia, while their other submissions utilized a Saudi Arabian proxy; those bits of information already provide two important clues in regards to the real identities of the hackers.

The representatives of CRU have also disclosed that the web rapscallions used a Turkish IP address during the CRU security breach and the submission of the zip file on its servers; it's presumably another proxy address, but a lot could be gleaned from why they picked those particular proxies to do their dastardly digital deeds. What's more, the "X-Forwarded-For" header of the ClimateAudit post could yield the true IP of the hackers responsible for the already infamous database invasion.