We may be seeing something that amounts, almost, to declared cyberwar between the UK and Russia. British Prime Minister May told Commons yesterday that the Government had identified the attackers responsible for the Novichok nerve agent attacks. She named Alexander Petrov and Ruslan Boshirov, characterizing them as GRU operatives. She said the attacks were "almost certainly" approved at a high level, and that "the full range of tools from across our national security apparatus" will be used against the GRU. That full range of tools is understood to encompass, principally, offensive cyber operations. The Prime Minister briefed President Trump and will communicate with the United Nations Security Council today.
Hearings on social media held yesterday by the Senate Select Committee on Intelligence elicited from Facebook's Sheryl Sandberg her example of what might companies like hers might be expected to do against foreign influence operations: suspend inauthentic accounts, the way Facebook, Google, and Twitter did when FireEye tipped them to such accounts' links to Iran's government. "In our mind that’s the system working," she said. But larger questions about disinfecting online nastiness remained unanswered, quite possibly because they're unanswerable.
The US Department of Justice announced that it will be looking at social media providers for signs of suppressing certain kinds of expression and for engaging in anti-competitive practices.
Qihoo 360 warns of multiple malware attacks spreading across vulnerable, unpatched MikroTik routers.
Palo Alto Networks reports that Iranian threat actor OilRig has adopted a more evasive variant of the OopsIE Trojan.