I was screaming inside when the FBI started waving around that they had evidence and all they could show for it in public at the time was a handful of incoming HTTP requests from Russian IPs.
I get hundreds of MB of traffic from Russian, Chinese, etc. IP addresses every week scanning for Drupal/WordPress/etc. vulnerabilities. It hardly meant anything.
Worse still is that we know that this happens and my colleagues still just go along with whatever companies like CrowdStrike or Trail of Bits or whoever say. Like we make business decisions based on their word alone. They're popular, so they must be correct. Groupthink is real and there are large numbers of us who aren't as capable as we claim to be. 95% of the work for most is checking the boxes on compliance questionnaires and getting shut down/stalled by the engineering & ops teams who actually make their companies money.