Security Lessons to Learn From Tactics of Indicted Russian Hackers

The indictment filed by Special Counsel Robert Mueller on Friday the 13th reads in places like a crime novel. The story explains step-by-step how a group of Russian operatives who are part of the Internet Research Agency targeted the Democratic Party and the Hillary Clinton campaign, hacked into their computers and then stole vast quantities of data. The breach happened in March of 2016, although the process started three years before that and would soon become the centerpiece of election news as breached emails started appearing on Wikileaks and other websites forming the basis for a series of stories embarrassing to the campaign. But as you read through the indictment, there’s more there than just a theft of emails. There’s also the story of how the data was exfiltrated and transferred out of the U.S. as well as how the Russian operatives tried to cover their tracks. This investigation then led to a second indictment related to the same Russians and their attempts to manipulate social media and to create fake news to influence the 2016 U.S. presidential election.