|"Cyber Stalingrad Statue has opinions!"
First off, it's not a "hack" of a command and control box that resulted in this leak. Assuming it's real (I cannot confirm or deny anything here - largely because I don't know), it's almost certainly human intelligence - someone walked out of a secure area with a USB key. So let's go down the list of factors that make it "Almost Certainly Russia".
- Timing: Seems almost certain to be related to the DNC hacks. High level US political officals seemed quite upset about the DNC hacks, which no doubt resulted in a covert response, which this is then likely a counter-response to. As Snowden put it: Somebody is sending a message that they know about USG efforts to influence elections and governments via cyber.
- Mention of corruption and elections in the text of the release feels classicly Russian
- Ability to keep something this big quiet for three years (leak is just post-Snowden) is probably limited to only those with operational security expertise or desire to leverage those bugs for themselves
- Information results from HUMINT, not simple hack of a C2 box as suggested (not that even that would be easy). Level of difficulty: Very Experienced Nation State.
- Alternate possibility: someone was sitting on a redirector box and the most incompetent person on Earth uploaded this ops disk to it to make their lives easy. Still means someone was hiding on this box who knows what they're doing in an unusually skilled way.
- Alternate, believable opinion on this from the Grugq: here.
- No team of "hackers" would want to piss off Equation Group this much. That's the kind of cojones that only come from having a nation state protecting you.
- Wikileaks also has the data (they claim)
|"Conventional Wisdom from Russian Intel!"