just getting started
Seems to me we are still living in amateurish times.
What would it take for a nation state to completely cover its tracks?
- no "native language stuff" in code or comments
- offshore teams - base your dudes in, say, Malta or Cyprus, not Moscow. No IP geo tracks that way.
- encrypt comms to team and "need-to-know". Just like mushrooms goes the saying. Heck, don't comm via digital means at all.
- start from clean OS downloads from open source. Add malware from crims as needed
- use criminals rather than your cyber soldiers
- muddle up the money trail to your team.
If you add this, and other operational security I didn't think of, how could anyone truly know who's pulling the strings? Could, say, Russia "frame" China vis-à-vis the West? How would we trust our own govs?
I don't see any great reason to doubt Russian involvement in this instance, but the scope for misdirection and possibly even false flag ops is getting bigger all the time.