[The Administration] had the DHS and US-CERT issue the "GRIZZLY-STEPPE" report "attributing those compromises to Russian malicious cyber activity". It does nothing of the sort. It's full of garbage. It contains signatures of viruses that are publicly available, used by hackers around the world, not just Russia. It contains a long list of IP addresses from perfectly normal services, like Tor, Google, Dropbox, Yahoo, and so forth.
The summing up:
Yes, hackers use Yahoo for phishing and malvertising. It doesn't mean every access of Yahoo is an "Indicator of Compromise".
For example, I checked my web browser [chrome://net-internals/#dns] and found that last year on November 20th, it accessed two IP addresses that are on the Grizzly-Steppe list:
No, this doesn't mean I've been hacked. It means I just had a normal interaction with Yahoo. It means the Grizzly-Steppe IoCs are garbage.
If your intent was to show technical information to experts to confirm Russia's involvement, you've done the precise opposite. Grizzly-Steppe proves such enormous incompetence that we doubt all the technical details you might have. I mean, it's possible that you classified the important details and de-classified the junk, but even then, that junk isn't worth publishing.
In the other corner, the "Russia uses non-state hackers all the time" argument:
My take is that both of these are plausible. The Russian government has at least loose connections to a whole community of Black Hats who live on their soil (as do other governments, especially China, Iran, and Israel). Influence is absolutely plausible, though the Grizzly-Steppe report is unconvincing here. Motivations vary from country to country - China and Iran likely would have preferred Hillary, Israel almost certainly would have preferred Trump.
Does it make a difference? Not really, as long as DNC bigwigs use an email password of "password". What is clear is that the DHS report should be taken with a huge grain of salt. But both of these linked articles do a very good job covering the landscape - if you are interested in this topic, you should click through.
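The point quoted above, that a connection to an address on an IoC list is not evidence of compromise when the address belongs to a widely used service, can be turned into a triage step. The sketch below is an added example, not code from either linked article or from the DHS report; the service labels, networks (RFC 5737 documentation ranges), IoC entries and log lines are all constructed for illustration.

```python
import ipaddress

# Constructed sample data: RFC 5737 documentation ranges stand in for real addresses.
SHARED_SERVICES = {
    "webmail-portal": ipaddress.ip_network("198.51.100.0/24"),
    "anonymity-relay": ipaddress.ip_network("203.0.113.0/25"),
}
IOC_IPS = ["198.51.100.17", "198.51.100.80", "203.0.113.9", "192.0.2.44"]
CONNECTION_LOG = [  # (timestamp, internal host, destination IP), constructed
    ("2016-11-20T09:14:02", "laptop-01", "198.51.100.17"),
    ("2016-11-20T09:14:03", "laptop-01", "198.51.100.80"),
    ("2016-11-21T02:40:55", "build-srv", "192.0.2.44"),
    ("2016-11-21T08:00:10", "laptop-02", "192.0.2.200"),
]


def shared_service_for(ip):
    """Return the label of the shared service containing ip, or None."""
    addr = ipaddress.ip_address(ip)
    for label, net in SHARED_SERVICES.items():
        if addr in net:
            return label
    return None


def list_quality(ioc_ips):
    """Fraction of the IoC list that points at shared infrastructure."""
    shared = sum(1 for ip in ioc_ips if shared_service_for(ip))
    return shared / len(ioc_ips) if ioc_ips else 0.0


def triage(log, ioc_ips):
    """Split IoC hits into ones worth an analyst's time and expected noise."""
    iocs = set(ioc_ips)
    investigate, noise = [], []
    for ts, host, dst in log:
        if dst not in iocs:
            continue  # not on the list at all
        label = shared_service_for(dst)
        (noise if label else investigate).append((ts, host, dst, label))
    return investigate, noise


if __name__ == "__main__":
    investigate, noise = triage(CONNECTION_LOG, IOC_IPS)
    print(f"{list_quality(IOC_IPS):.0%} of the list is shared infrastructure")
    print("investigate:", investigate)
    print("noise:", noise)
```

A high `list_quality` ratio is itself a signal about the feed: most hits it generates will land in the noise bucket and tell the analyst nothing about who connected or why.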