We're pleased to remind all that it's now possible to become a CyberWire Patron. Your support will help us continue to provide our free cyber security news service, the briefings and podcasts so many have come to use and enjoy. Thanks for your consideration, and as always, thanks for reading and listening. This will be the last of our major announcements of the Patron program, but rest assured, it will always be possible to become a patron.
Get Started with Threat Intelligence
US President Trump issues cybersecurity Executive Order, and industry issues reactions. Concerns about Russian aggressiveness in cyberspace rise. Necurs spreads Jaff ransomware. WannaCry spread by ShadowBrokers' dumped Eternal Blue.
Romania's Ministry of Foreign Affairs is said to be among the diplomatic organizations and missions across Europe being phished by Fancy Bear (APT28, or Russia's GRU). The phishing emails spoof NATO addresses and seek to induce the unwary to download a remote-access Trojan that FireEye researchers are calling "GameFish." Romanian authorities haven't commented, but NATO, while declining to say anything about this particular episode, says it comes under attack all the time, and that spoofed emails are no novelty.
Part of the reason the hacking of En Marche! emails didn't have the kind of effect seen in the earlier attack against the US Democratic National Committee is that the hackers had less time to establish themselves, but a bigger part of the failure seems due to the Macron's campaign early and active mitigation efforts.
The US Directors of Central Intelligence and National Intelligence tell Congress that rising Russian assertiveness, activity, and influence in cyberspace are an enduring and growing threat. Senator McCain regrets that US preparations seem unequal to that threat and excoriates the current national state of readiness.
The Guardian runs a long and rather breathless account of a pro-Brexit cabal of billionaires and populists it sees as behind the vote to take the UK out of the EU. It warns that such influence could manifest itself in the UK's general elections.
WannaCry ransomware is spreading worldwide via the ShadowBrokers' dumped "Eternal Blue" tool.
Jaff ransomware, looking like Locky, is spreading by Necurs and asking for a $3700 payoff.
Today's issue includes events affecting Canada, France, Germany, India, Japan, NATO/OTAN, Romania, Russia, United Arab Emirates, United Kingdom, and United States.