The Joint Action Report (JAR) was put out by the Department of Homeland Security and FBI. There is value in the report, but you have to look at it from a Threat Hunting perspective, not as a definitive how to stop an attack. There is a very critical difference. The report never stated it provides proof of Russia as the perpetrator, just methodology. While it is likely that Russia has advanced tools and infrastructure available, they will not make use of those tools unless necessary, as it might disclose the presence of the tools.”]
Source: https://www.csoonline.com/article/3155754/making-the-grizzly-steppe-joint-action-report-useful.html