While I suspect the DOJ is leaving out critical information, it is true that these gangs are not nearly as elite as some people imagine.

They just happen to be in an untouchable legal jurisdiction.

It's even more ironic (and troubling) that seeming amateurs managed to shutdown an entire pipeline :)

Can't wait to read this report!

I encountered this myself. I was hit by a browse-and-get-owned zero day. I found out one day later from a blog post, where an anonymous person had hacked the command and control server and wiped the hacker's database in a remarkably brief time. Clearly, their skills were not on par.

The responsible vulnerability was in Java applets, which I had disabled for security reasons. But Java secretly re-enabled itself after updating. I kept Java uninstalled for a long time after that.

I think this is accurate.

If you imagine the extremely unlikely scenario where the DOJ put out a statement that anyone in the US who happened to extract money out of persons or companies in Russia would not be prosecuted or hindered by US law enforcement, what sort of people would jump in to try their hand at that. It seems to me it would certainly be an attractive idea for script kiddies to jump on to if they felt it was low/no risk.