May we ask for your support? As a finalist for this year's Maryland Cybersecurity Industry Resource Award, we're also up for the People's Choice Award. If you're read or listen to the CyberWire, we'd appreciate your support. You can vote here through March 22 (and you don't need to be in Maryland, or even in the US, to do so). Thanks as always for reading and listening.
Twitter bots and influence ops. PetrWare steals and improves Petya ransomware. Credential-stealing apps purged from Google store. Patch notes. Gamification and cyber operations. Advice for prospective whistleblowers?
The UK continues to worry about Russian influence operations targeting upcoming elections. In an odd, possibly related development, Russia's embassy to the UK is converting its Twitter followers to newsbots ready to disseminate the Moscow line.
There've been other Twitter issues this week as well. A large number of accounts have been hijacked to spread neo-Nazi symbolism, and there's an ongoing campaign out of Turkey to rope Twitter accounts into a pro-Erdogan net. The Turkish campaign is focused on Europe, especially the Netherlands.
Google has purged a number of credential-stealing apps from its store.
Petya ransomware has been stolen by criminal competitors and transformed into a more dangerous variant, PetrWrap.
Yesterday was Patch Tuesday. Microsoft issued eighteen bulletins, nine critical.
In industry news, rumor has it that Citrix is putting itself on the block.
There's considerable attention being paid by cyber and intelligence operators to gaming: cyber ranges see increased use, the US Department of Defense may be learning lessons from Pokemon-Go, and the CIA likes using old-school board games to train officers.
In the UK, attorneys aren't sure whether the GDPR is legally binding already, in advance of its formal implementation next year.
The Vault 7 story is still developing, but there's little new today. Wired does have an interview on leaks, however, with former CIA whistleblower (and convicted leaker) John Kiriakou about whistleblowing. His surprising advice to prospective leakers? Don't go directly to the media. Take the matter up with your chain of command first; then lawyer up.
Today's issue includes events affecting Australia, China, Ethiopia, European Union India, Israel, Netherlands, Russia, Turkey, United Kingdom, and United States.
In today's podcast, Emily Wilson from our partners at Terbium Labs talks about how the Dark Web reacts to events like Cloudbleed. We also speak with our guest, Justin Harvey from Accenture, who shares informed speculation about the private sector's interest in attribution.
Special editions of the podcast are also up. See Perspectives, Pitches, and Predictions from RSA, and an overview of artificial intelligence as it's applied to security. And see also Cylance's video (taken in partnership with the CyberWire): opinions from the conference floor.