William G. Rich reports:
When the Democratic National Committee realized they had been hacked in April 2016, they turned to experts from a private company: the cybersecurity firm CrowdStrike. Within a day, the company had identified two Russian state-sponsored hacking groups inside the DNC network. Within a few weeks, it publicly explained its analysis in a detailed blog post. It wasn’t until months later that the US government publicly confirmed Russia’s role.
Read more on WIRED about attribution and the impact of private firms being the ones to publish attributions to nation-states, etc.