Wordfence is the cybersecurity company that runs security for wordpress, which is a large blog network.

Although they did not find a smoking gun with the data released by the public DHS/DNI report, I don't think this necessarily changes my conclusion. First of all, there are still multiple reports by Crowdstrike, Threatconnect, and a many other companies which *did* suggest Russian involvement.

Second of all, the primary conclusion that they do not think the actors were Russian were based in the fact that the program they traced was an out-of-date version of a public malware toolkit developed on a Ukrainian website. To me, the fact that the actors were using outdated malware programs for a sophisticated attack like this suggests to me that they *were* in fact politically motivated - if I were in Russian intelligence, I wouldn't want to use the latest custom crypto tool made in Russia, signed by KGB intelligence, that was never seen before in the world - THAT would set off alarms everywhere and make it a LOT easier to identify me in future endeavors. Instead, I would want to use something public and innocuous and not officially linked to Russia.

Second, I find it doubtful that the official intelligence reports released *all* sensitive data gathered on this to the public. If they reveal all their data, they just make it easier for hackers to avoid leaving the same traces the next time.

---

That being said, this was an interesting and educational read, thank you. I still do disagree with you on this, but I am open to having my mind changed. Factual analysis like this is way more persuasive than bad Trump memes.



Edited 2 time(s). Last edit at 01/03/2017 08:22PM by vortexmagus.