Germany, which continues to work on remediation of what's being called an "ongoing" attack on a government dedicated secure network, officially declines to attribute the attack. Economy Minister Zypries yesterday said that, while there were no indications Russia was behind the hack, it would be "problematic" if this would turn out to have been the case.
Few others are so reticent. The industry consensus is that the attack is the work of Fancy Bear, Russia's GRU. Some members of the Bundestag who've been briefed on the incident are calling it "a form of warfare."
Fancy Bear has been busy elsewhere, too. Palo Alto Networks reports that it's observing a campaign mounted against diplomatic targets elsewhere in the world.
As disturbing as Russian cyber operations have been, CrowdStrike says that, in its view, North Korea remains the greater threat. Dragos agrees that North Korea needs to be taken seriously. The company believes Pyongyang has been working hard on tools to be used against industrial control systems. It also believes the DPRK is sizing up the US power grid as a promising high-payoff target.
General Paul Nakasone, nominated to succeed Admiral Rogers as head of NSA and US Cyber Command, thinks deterrence is cyberspace difficult but essential. The opposition must, he told Congress, face costs.
The amplification attacks against which security experts warned turned up in the wild Wednesday. GitHub was briefly taken down-estimates range from five to twenty minutes. Security experts call it the biggest distributed denial-of-service campaign on record: 1.3Tbps.