The head of Ukraine’s national cyber police has warned that Russian operators are staging malware in Ukrainian enterprises, presumably for a coordinated campaign as some later date. Today is Ukraine’s Constitution Day, often mentioned as attractive to attackers wishing to draw maximal attention to their political point. August 24th, the country’s independence day, is another date mentioned for potential attack timing. Russian authorities have issued routine denials of involvement in cyberattacks on Ukrainian targets.
The threat, should it materialize, is unlikely to be confined to Ukraine. NotPetya began with attacks on Ukrainian targets and quickly spread worldwide.
Cyberespionage campaigns, apparently staged by and from China, have been targeting Tibetans resident in India.
Bravo, Talos. Cisco’s research unit has released a free decryptor for Thanatos ransomware.
Facebook’s continuing audit of apps and data usage attracts little love. It’s proving difficult for the company to track down third-party data use (many such parties proving either uncooperative or defunct). And critics including Ukraine’s national cyber police see Facebook as slow and unresponsive in its reaction to discovery in April of a quiz app’s having leaked data on some 120 million users.
A multi-agency law enforcement operation in the US has taken down a number of alleged dark web contraband dealers, for the most part drug traffickers. The action involved the Department of Justice, Homeland Security Investigations, the US Secret Service, the US Postal Inspection Service, and the Drug Enforcement Administration. Authorities are tight-lipped about details, but apparently Government agents posed as cryptocurrency money-launderers to roll up the suspects. Ukraine’s national cyber police.