The first week of 2017 continues to offer skeptical takes on various attributions. The conclusions being called into question range from the debunked (hacking of the Vermont power grid) through the newly controversial (Russian malware-enabled counterfire against Ukrainian guns) to the generally accepted (Russian intrusion into US political party networks).
KrebsOnSecurity has a particularly good round-up of the grid-hack-that-wasn't, with a reflective account of how the story gained currency.
Taia Global's Carr calls bunkum on CrowdStrike's "Danger Close" report on Android X-Agent targeting of artillery positions (more promised at Suits and Spooks—in the meantime SecurityWeek says that CrowdStrike stands by its report).
And many observers continue to express disappointment over the level of detailed evidence contained in the FBI-NCCIC Joint Analysis Report on Fancy Bear's election hacking (many of those same observers also note the difficulty of making such a case without disclosing more about sources and methods than would be prudent).
The Daily Beast has an account of how Islamist exploitation of social media and other online platforms for information operations has proven amphisbaenic: successful for recruiting and inspiration, but risky. Many leaders have been targeted when their phone chatter exposed their location.
Recorded Future publishes its forecast of ransomware's future—contra McAfee Labs, it sees digital extortion growing in 2017. Their first prediction is that "Ransomware will become just another tool in the hacker utility belt." Carbonite argues in its own study of ransomware trends that such attacks will serve increasingly as diversions (the way DDoS has).