The Southwest Asian cyber riots continue to accompany unrest in Turkey and civil war in Syria. The Syrian Electronic Army (agent of the Assad regime) supports Turkish dissidents by hacking Turkish government sites. Ottoman revanchists expand their North American campaign from Ohio to Michigan, hacking sites in Lansing.
More interesting than rioters nostalgic for the Sultanate, however, is evidence that a US citizen critical of Turkey's Gülen movement and its involvement in US charter schools was phished with RCS spyware. RCS is a Hacking Team lawful intercept tool; Gülen is widely influential within Turkish judicial and security agencies. Arsenal Consulting found email carrying the RCS payload launched from a Turkish server. While stopping short of attributing cyber attacks against US citizens to the Turkish government, Arsenal invites you to do the math.
Kaspersky reports discovery of a new Chinese cyber espionage campaign, "NetTraveler," targeting "high-profile victims," mostly in sensitive technology industries. This report complicates the coming Sino-American summit, which seems to be developing into a diplomatic showdown over cyber conflict. US grievances are independently echoed in the United Kingdom and New Zealand, both of whose governments fear that Chinese-manufactured hardware contains embedded espionage capabilities.
Another DNS amplification campaign is underway, this one with an Australian focus, as DNSimple, easyDNS, and TPP Wholesale report denial-of-service attacks.
Corporate counsel may reflect with profit on two emerging ambivalent trends: the degree to which businesses might know that their sites are infecting customers with malware, and growing business sentiment in favor of hacking back.