A fake bomb threat is being used to extort Bitcoin from businesses, mostly in the US and Canada. Several businesses closed and evacuated their offices, but no bombs were found (Ars Technica). The poorly worded email threats bear the common usage and grammatical markers of non-native-speaking spam, but unlike sextortion, a bomb threat, even an implausible one, is harder to shake off (WIRED). A SANS writer suggests “boomstortion” as a name for this kind of caper.
China has come in for considerable criticism in recent weeks for its cyber operations, particularly those devoted to industrial espionage. It’s displaced, at least for now, Russia as the prime adversary in American policymakers’ public statements (POLITICO). That China is an aggressive cyber power isn’t open to doubt, but criminals are increasingly flying Chinese false flags in attacks that have little to do with Beijing (Fifth Domain). Attacks in Russia also suggest that criminals are trying to pass themselves off as intelligence services, the better to deflect official suspicion (ComputerWeekly).
That said, there are nation-state campaigns afoot. China is probing US Navy contractors (Wall Street Journal), and Russia’s Fancy Bear is phishing widely in foreign governments (SecurityWeek).
ISIS has hailed the Strasbourg Christmas market killer as one of its soldiers. The terrorist, killed by police, was apparently radicalized in prison. Whether ISIS played a role in inspiring him or is simply retrospectively and opportunistically claiming responsibility is unclear, but the terror group as always is attentive to the seasons in its propaganda (Local—France).