Network experts studying the attack are also starting to rule out usual suspects, such as national governments and online blackmailers. That suggests, they said, the attack was another cry for attention by online attack-for-hire services and their customers looking to make a statement.
“All the arrows point away from any sort of political motivation,” which hurts “the nation-state argument,” said Allison Nixon, a researcher at online-security firm Flashpoint. “Of course, you never know until someone’s got handcuffs on them.”
Evidence instead points to the “loosely knit social circle of kids and young adults” who tend to launch similar attacks, Ms. Nixon said. Flashpoint called comments from online groups like WikiLeaks and the New World Hackers that claimed a connection to the attack “dubious.”
Review of the Enterprise E-Mail System Acquisition, September 30, 2016. Reference Number: 2016-20-080.
“The IRS purchased subscriptions for an enterprise e-mail system [Microsoft] that, as it turned out, it could not use.