Even though hackers responsible for the cyberattack on the Democratic Party and Hillary Clinton’s campaign weren’t caught in the act, it doesn’t mean they can’t be identified as President-elect Donald Trump has asserted. Michael Borohovski, a cybersecurity expert with experience working with the intelligence community and Chief Technology Officer of Tinfoil Security, says investigators have methods of uncovering the identity of attackers long after they’re gone. “It’s actually significantly harder to catch somebody in the act than it is to catch somebody after the fact,” Borohovski told Business Insider. “Unfortunately it’s not like in the movies where as soon as someone is attacking, big red alarms go off.” In a Fox News interview last weekend, Trump cast doubt on the CIA’s recent findings that Russia was involved in cyberattacks against the Democratic Party to help him win the election, calling it “ridiculous” and an excuse for the opposing party’s loss.
“Hacking is very interesting. Once they hack, if you don’t catch them in the act, you’re not going to catch them,” Trump said. “They have no idea if it’s Russia or China or somebody. It could be somebody sitting in a bed some place.”
Much like investigators at the scene of a crash can piece together clues about the incident, cybersecurity experts can use digital forensics to gain information about intruders, Borohovski said.
“You start looking through logs, you start looking through, at a high level, digital breadcrumbs that were left by attackers and over time, you slowly figure precisely what occurred, where it came from, and who did it,” he said.
Full Article: Why Trump’s assertion that hackers can’t be caught after an attack is wrong – Business Insider Deutschland.