Paul Rascagneres and Vitor Ventura of Cisco Talos presented a talk at the VB2020 conference on September 30. Attributing cyberattacks to a particular threat actor is challenging, particularly an intricate attack that stems from a nation-state actor. The best method for arriving at a solid attribution is to examine the infrastructure and techniques used in the attack, but even then, researchers can often get it wrong, they say. The UK’s National Cyber Security Centre (NCSC) directly attributed the WellMess malware to APT29, a Russian-backed threat group.”]
Source: https://www.csoonline.com/article/3584870/common-pitfalls-in-attributing-cyberattacks.html