Pakistan and China appear to have been the ultimate targets of a long-running and sophisticated Indian cyber espionage campaign, interesting on many levels, not the least of which is its choice of third-party attack paths. Norman Shark, which has been on investigative point, cautions against reading too much into the presence of an Indian security company's name in the malicious code: the company might be implicated, but it could also be a victim of misdirection.
The Lady Boyle remote access Trojan has appeared on South Korean military sites in a reconnaissance effort directed against that country's defense posture.
Sino-American cyber tensions continue to rise as the People's Liberation Army resumes operations against US targets. Well-connected advisors tell the US Administration it's time to go on the offense against China, and Congress yanks the Pentagon's leash over purchases of Chinese satcom services. (Watch for similar scrutiny of Foxconn-built Apple products' appearance in Defense networks.) Analysts continue to explore how Chinese espionage represents a supply chain problem. The 2010 Google Aurora hack looked at the time like a campaign against Chinese ethnic minority activists, but now seems to have been a counterespionage effort: the hackers were after US Government surveillance requests in Google databases.
A new version of the Citadel banking malware is circulating in Payza, a money transfer service popular in the developing world.
Connoisseurs of US Army procurement will follow the latest DCGS-Palantir smack-down with interest.
Journalists react with alarm to an apparently growing US Government tendency to regard them as accessories to espionage.
[Updated 08.01.2014 cwu000-003]