Russia's increasingly thorough imperial pacification of Crimea continues apace. The weekend saw a surge in cyber operations associated with the incursion.
Most noteworthy, however, is several security firms' independent disclosure—G Data, BAE, F-Secure, Symantec, and Kaspersky prominent among them—of a large, capable cyber espionage campaign active in several countries. Variously called "Turla," "Snake," and "Uroboros," depending upon who independently discovered it, the malware framework appears to be an evolutionary variant of RedOctober and Agent.BTZ. Among its features is a novel bypass of Microsoft's Driver Signature Enforcement. The malware has been found in at least nine countries, but BAE at least unambiguously calls Ukraine the target.
While some researchers (notably G Data) decline to attribute Turla/Snake/Uroboros to any particular actor, BAE and an analyst from the Center for Strategic and International Studies do note Russian security service fingerprints ("pawprints," says CSIS) on the code. Commendable (if prim) reticence aside, the consensus attribution is to the Russian government.
Hacktivists sympathetic to the Ukrainian side appear to have taken down Russian media site Rossiyskaya Gazeta. India (with at best a very small dog in the fight) suffers collateral damage as its embassy network is hacked to get at Russian arms exporter Rosoboronexport; Indian dealings with Russian defense firms and associated sensitive information appear also to have been exposed.
Elsewhere, hacktivists gear up one of their regular campaigns against Israel. These have recently tended to fizzle; the first attacks are promised today.
Hackers kick Mt. Gox while it's down, claiming evidence of fraud.