I don't think there is any serious doubt that ATP28 was the group that did the hack (Bad assumption on my part in this case - most of the time people have accepted that but have doubts about it being a state actor).
I think CrowdStrike was the first firm to attribute it to them[1]. Note that APT28 is also known as "Fancy Bear", so you may see some reports attributing it with that name.
Nothing forcing you to believe it of course, but in the world of cyber attribution this is pretty decent evidence.
That crowdstrike article reads like an advertisement I'd prefer something more authoritative before flirting with war with a nuclear power. I think the real question is, why is a Russian military unit so hapless they can be caught by a firm like this? Doesn't that sort of undermine the claim that they are a major threat and instead make the DNC look like helpless idiots tricked by Russian teenagers?
I understand it will reveal the method of entry, but a smart criminal won't leave his drivers license at the scene of the crime as the "Russians" have seemingly done here.
Well the "method of entry" is what was used to identify them, and they had to leave it there so they could re-access the system.
There isn't much unusual about this - a similar thing happened with the Shadow Brokers/Equation Group (NSA) hack for example[1] (although in that case some of the control tools were taken instead of just the payload). It would be exceptionally unusual for nothing to be found.
I think CrowdStrike was the first firm to attribute it to them[1]. Note that APT28 is also known as "Fancy Bear", so you may see some reports attributing it with that name.
Nothing forcing you to believe it of course, but in the world of cyber attribution this is pretty decent evidence.
[1] https://www.crowdstrike.com/blog/bears-midst-intrusion-democ...