Russia’s security services report that country’s infrastructure has been targeted by advanced persistent threats. Affected networks are said to number about twenty, with “scientific and military institutions, defense contractors, and public authorities,” affected. (“Infrastructure” here is used loosely, as roughly synonymous with “important network.”) Kaspersky’s investigating without so far offering attribution, calling the actors “a powerful cyber gang.” Much a priori speculation in the US says NSA is (should be?) responsible.
Russian services remain the prime suspect in the hacks of the DNC, the Clinton campaign, and the DCCC. It’s thought that the hackers may be particularly interested in donors. WikiLeaks refuses to say where it got the data it dumped. Amid calls for retaliation and cries of “cyberwar,” US DNI Clapper says it’s too soon for attribution and asks people to stop “hyperventilating.”
Spiegel reports another email dump, this one apparently showing NATO interest in affecting the conflict in Ukraine.
French police investigate alleged accomplices in the church attack near Rouen, suggesting the ISIS-hearkening wolves may have belonged to a local pack. ISIS calls for jihad in Russia, and howls for jihad aren’t confined to ISIS: its Shi’ite competitors and adversaries in Iraq (led by Muqtada a Sadr) say they’re “thirsty for American blood.”
A British general calls for formation of a kind of cyber Dad’s army for service in hybrid wars.
Conficker’s old C&C IP turns up in current criminal campaigns.
The SpyNote Android Trojan has leaked to the underground souk. Expect it to appear in attacks soon.