OPSEC is hard! Doing things that are covert is expensive and time consuming. Being invisible in today’s digital age is very hard. Operating covertly in plain sight it also hard.
Everything about this “stuff” is hard, except sometimes maybe it’s just viewed as “it’s hard and expensive” so why even bother, or conversely… maybe the objective can be “we want people to know it was us.”
Either way there’s some interesting reading if we look at “cyber” and “opsec”. For the minute I’ve just started to collect a list of links to articles which show some of the ways opsec failures have occurred in the past in relation to the GRU.
As we can see there’s a mixture of areas here from espisionage, electronic warfare, information operations, computer network exploitation (CNE) and computer network attacks (CNA).
Ok so this is really just a collection of examples for people to look at, it’s not just the GRU who have opsec challenges. Every countries military, intelligence services and defence contractors do, because opsec is hard, and data is like oil, it gets everywhere, is messy and is hard to clean up! And as mentioned above, there might be reasons why someone wants something to be attributable to them.