After much speculation, the report had little to do with cyber attribution. It had everything to do with traditional tradecraft and sourcing.
Two groups exist in the INFOSEC community right now. Those who swear CrowdStrike’s attribution was right and those who swear their report was inadequate. I’m still firmly with the latter.
Cyber attribution wasn’t the key factor according to the ODNI report.
25 pages. More than 90% of the report was focused on other sources than cyber / technology, and the majority of the justification and basis followed suit. Behavior. Patterns. History. Tradecraft.
Here are my comments on the sections that pertain to my quick analysis.