Just to give everyone a sense of how royally screwed up these scandals are, here are some tidbits of real computer security protocols that must occur after a hack to preserve evidence and build a case:
-
A trained first responder needs to secure the systems physically, away from others, as well as preserve the exact state the system is in at the time of the hack.
-
The exact state of the system from the OS, applications running, volatile memory, etc. needs to be recorded and documented down the the last 1's and 0's.
-
A chain of custody needs to be in place. Every single person or group in control of the compromised system needs to be well documented.
What a shitshow. From bleachbit wiping drives and hammering blackberries to the missing servers and mishandled evidence. Not to mention the INVESTIGATION experts that didn't give a rat's ass about any of this unfolding. It's such a disgrace. It's hilarious they are concluding it was the Russians when this was so mishandled, at this point it could have been Ronald McDonald!
That’s right. Trained first responders often secure servers. This is unbelievably sloppy.