I’m not sure how this shifts blame? In my opinion the blame sits squarely on the shoulders of the entity whose systems were exploited. Microsoft is responsible for the security of their systems, full stop. Doesn’t matter if the GRU did it or some random guy in Venezuela.
How do you know Microsoft was even “hacked”? I mean if you want to get super pedantic about this, I haven’t personally seen any proof.
So yes while a computer provides a convenient mathematical abstraction upon which we can reason, we aren’t talking about how a computer boots. We are talking about figuring out - within a certain confidence level - the group of individuals that likely carried out an attack. We are now firmly outside the scope of the neat little mathematical abstraction of the machine. Even within a machine, there’s more nondeterminism than you or I would like to admit. But that’s a topic for another day.
The methodology is not secret, you can google for threat actor attribution. Private companies do this work as well as governments. You are welcome to go join one of those companies or organizations to learn how it works and work to improve the process if you are so passionate about it!
You are the one putting some political agenda on this. China, Russia, as well as North Korea, Israel, Iran, and many other countries have robust offensive cyber capabilities. Attribution is not an exact science, and if you actually read any raw intelligence report it is clearly marked with a confidence level for that exact reason.
