The link to the post can be found here
I have contributed to the discussion and recommend Jon's post to you.
It provides detailed chapter and verse on who the people involved were, how the Russians set about their tasks, and even identifies some of the tools involved. It is a case study in how to conduct a cyber attack against an adversary. If you are familiar with the "kill chain", it follows those activities quite closely. For anyone who is engaged in cyber security, I recommend that you take time out to read the indictment because it describes an attack playbook.
been made much worse by two significant leaks of data which occurred in 2017. These are the Vault 7 leaks and the Shadow Broker leaks.
Vault 7 leaks
On the 7th March 2017, WikiLeaks started to release documents about the US Government's offensive cyber warfare capabilities. The first tranche consisted of 7,818 web pages with 943 attachments, purportedly from the Center for Cyber Intelligence. Between the 7th March and 7th September 2017, a further 22 tranches of information were released, including the cyber warfare tools and software claimed to have been developed by the CIA. The information, software and tools that were leaked are generally accepted to be "nation state" capabilities.
Shadow Broker leaks
Shadow Broker is a group of self-styled hackers who first came to prominence in about 2013, but in the middle of 2017 they released into the public domain a massive collection of tools and information about zero-day exploits hoarded and used by the Tailored Access Operations (TAO) Group of the US Government's National Security Agency. TAO is widely understood to be the proactive hacking (cyber warfare) group within the NSA. The Shadow Broker leaks exposed vulnerabilities in Cisco routers, Microsoft's Windows operating system and Linux mail servers amongst others, including the exploit used by the authors of the WannaCry ransomware that infected computers in over 150 countries worldwide.
The consequence of these two leaks is that extremely advanced and sophisticated "nation state" cyber warfare and hacking tools and information have been released into the public domain and into the hands of less capable countries, criminals and hackers. This in turn has significantly enhanced their capability to attack enterprises which, for the most part, are not equipped to defend against "nation state" types of attack. These tools operate across the entire security stack, namely the infrastructure, application, data and user domains.