|
|
|
|
|
|
by apeace
3455 days ago
|
|
|
It's simply not true that "the intelligence community will never be able to release enough information to satisfy people". A few days back, the same author wrote[0]: > On the other hand, if they've got web server logs from multiple victims where commands from those IP addresses went to this specific web shell, then the attribution would be strong that all these attacks are by the same actor. All the FBI/DHS have to do is say: Organizations A, B, and C all have server logs showing this IP address deliver the same malware. That would be enough information to attribute the hacks to the same actor. If the FBI/DHS were lying about Organization B, then Organization B would speak up about it. The author of this post is right to point out that the attribution given so far is not only incomplete, but is borderline bizarre. [0] http://blog.erratasec.com/2016/12/some-notes-on-iocs.html |
|
|
The attribution issue was whether it was "the Russians".