Taking Evidence Seriously: Russian Hacking

One of the reasons I decided to start writing again was to put my experience in the field to good use, primarily to explain the sometimes confusing world of computers, technology and networking by making real-world analogies. I hadn’t intended this to be political in any way, but with what’s going on out there today, that’s what I’ve primarily been writing about.

So let’s talk about the recent hacking news based on real-world evidence and not hyperbole.

Unless you were living under a rock for the last half of 2016, you are aware that there was a massive leak of Democratic National Committee e-mails from key players in the Democratic Party. It’s been determined by a large number of public and private sector officials that these hacks were from the Russian Government. There are certain people who think that this can’t be true, and while much of what occurred is classified, there is still plenty of public evidence readily available.

So how do they know that it was the Russians? Much like investigating a crime of, say, murder, the perpetrators leave behind key evidence like DNA, fingerprints, fibers from their clothes, pieces of skin, etc. In a hacking attempt, whether successful or not, they also leave behind a signature. The tools used to infiltrate any systems, whether government or private, were created somewhere. I speak of things like malware and pieces of code that are created for the very specific purpose of gathering and extracting information from a target. The perpetrators will continue to use these toolsets in multiple attacks over time, iterating on them and improving them, but the basis is still there: a signature, if you will.
