US Energy Secretary Perry says the threat to power plants (nuclear and otherwise) is real, and that Government and industry are working to address it. Recent probes have been ascribed to Russian threat actors.
Booz Allen has published research that suggests NotPetya may have been in large part misdirection. Researchers think they've discovered evidence that Telebots (a.k.a. Sandworm, that is, most believe, Russia's GRU) used the destructive campaign to conceal traces of long-running, widespread cyber espionage against a large number of targets.
Influence operations, phishing of critical infrastructure, and broad malware campaigns may well be motivated by a common goal, according to Darktrace: fostering general mistrust of otherwise trusted institutions and practices.
Verizon has sustained a major data breach: some 14 million subscriber records are affected, including sensitive credentials. It appears to be a third-party breach: the data were exposed on an unprotected Amazon S3 server controlled by Nice Systems, a Verizon vendor. People who called customer services over the past six months are affected.
Emsisoft has released a decryptor for NemucodAES ransomware.
In industry news, social media security shop ZeroFox picks up $40 million in Series C funding. Deep Instinct raises $32 million (much from Nvidia). OwnBackup raises $7.5 million in Series B. And Cisco announces its acquisition of Observable Networks.
A Carbon Black survey says one in four Americans would consider not voting because they're concerned about cyber threats. Given that about two in four aren't voting in any case, maybe not voting is what philosophers call "overdetermined."