Non-Political Security Learnings from the Mueller Report

Presented at Global AppSec - DC 2019, Sept. 12, 2019, 10:30 a.m. (45 minutes)

The Mueller Report was split into 2 volumes, focused on 1) Russian interference in the 2016 election and 2) Administration obstruction of justice. By reading the report through a critical security lens we can gather a trove of non-political security learnings, broadly split into Blue Team learnings and Personal Security learnings. Blue Team: This portion covers the hacking of the DNC and DCCC. It examines the evidence in the report around how access was gained, which accounts were targeted, how networks were traversed, and what we can do to defend our organizations. Personal Security: This portion takes a data-driven approach to look at how the FBI gathered evidence. It examines the breakdown between different sources (Twitter/FB chats, emails, interviews, call records, written testimony, etc), as well as how that evidence was attained (subpoena, physical device access, etc). It covers both the Mueller Report and subsequent documents that have now been unsealed, such as Apple/Google subpoenas.

Presenters:

• Arkadiy Tetelman - Lob
  Arkadiy Tetelman is Head of Security at Lob, and previously worked on application security at Airbnb and Twitter. He is passionate about all things information security, ranging from the technical, to policy and legal, to security management and leadership. He contributes to several open source projects and has spoken on topics of security across the country. He graduated from UC Berkeley with degrees in Computer Science and Applied Mathematics.

Links:

• https://globalappsecdc2019.sched.com/event/SJrb/non-political-security-learnings-from-the-mueller-report

Similar Presentations:

• BSidesSF 2021 Virtual / Non-Political Security Learnings from the Mueller Report
• BSidesLV 2014 / C.R.E.A.M. – The Art of Social Engineering Report Writing