Hacker News
by thomasdub 3455 days ago
What sort of proof are you looking for?

If you're looking for firewall logs or hard drives with definitive proof that malware on certain machines was linking back to particular servers, then you're out of luck. However, Crowdstrike, the firm that the DNC used to investigate the intrusion, published a report that shows some of the code used and other IOCs from the attack [0].

A security firm like Crowdstrike would have lots of familiarity with these APT groups from previous investigations, so when they identify these groups they have evidence (i.e. they found specific malware or tools that are known to have been used in previous attacks, connections to or from known bad domains, IP addresses etc.) that links the attacks to these groups.

This, however, doesn't prove that APT 28 and 29 are Russian, but if you search for information about these groups, their Tools, Techniques and Procedures (TTPs), who they have targeted etc., you can draw your own conclusions.

Note, this was long before the election and before there was politics surrounding the attribution. However, this data is only about the intrusion into the DNC's network, and not necessarily linked to the release of personal emails of Podesta & co.

[0] https://www.crowdstrike.com/blog/bears-midst-intrusion-democ...

1 comments

Proof of any damage or an apparently hostile action that could cause damage, that was confirmed to be done by Russian state actors. Crowdstrike report shows only signs of intrusion, but you would not expel 35 diplomats for a radar touching your airplanes, right?

The report shows far more than signs of intrusion - modules for credential theft, data transmission, persistence mechanisms, keylogging etc. were all discovered. I'd call that hostile.

I'm not sure I get your analogy, but no, I wouldn't expel anyone for "radar touching my planes", but in this case that's the equivalent of browsing the DNC website. If someone had broken into my air force base, stolen security badges to get into other air force bases, was photographing planes and stealing and leaking blueprints, then you better believe I'd take action.