The indictment filed last Friday by Special Counsel Robert Mueller explains how Russian military intelligence officers hacked into computer systems of the DNC, the DCCC, and Clinton Campaign employees during the 2016 presidential race. With sweeping, specific details that have compelled unanimous confidence among Americans (except apparently our President), the 29-page indictment is a textbook on sources and methods. No, not intelligence-gathering sources and methods, which are of course highly classified. Instead, the indictment catalogs the sources of data that were stolen, and the methods used by the GRU intelligence units to methodically hack into the targeted systems, exfiltrate the data, evade detection, and weaponize the data through publications timed to inflict maximum impact.
The lessons to be learned from the indictment’s allegations, summarized below, are useful to any organization serious about data security and about preventing, detecting, and responding to hacking, whether state-sponsored or otherwise.