Information operations come to the fore in cyberspace, as authorities look for ways on countering inspiration and disinformation, whether peddled by extremists or intelligence services. In cybercrime, enterprises grapple with newly commodified forms of ransomware.
A lone wolf turns out to be a known wolf, and a member of a pack at that.
ISIS was quick to claim responsibility online for the murderous suicide bombing in Manchester this past Monday. The killer was, they say, "a soldier of the Caliphate," and his example is being held up for emulation. Apparently the bomber had been fingered to security services as dangerous, but the reports were insufficient to prompt police to interdict the attack (Times of London). Since Monday several associates of the terrorist have been taken into custody, and it appears he was operating as part of an ISIS network (Times of London).
In hearings Tuesday before the US Senate, NSA Director Rogers gave clear (if properly veiled) assurance that the US was conducting extensive cyber operations against ISIS (Washington Post).
Implications of the Manchester bombing for counterterror law and policy.
In the UK, the Manchester bombings stiffen HM Government to do something about the widespread availability of strong encryption, so the most prominent dead-enders in the backdoor side of the cryptowars now seem to be in Downing Street (Computing).
In the US, a bill introduced into the House calls for an investigation into terrorist use of Bitcoin and other cryptocurrencies (Financial Regulation News). It appears to be motivated more by a priori possibility than specific evidence (Motherboard). The House did address one aspect of information security by passing a bill that would foster IT modernization and support development of cyber standards (Inside CyberSecurity). The PATCH Act, another newly introduced bill, would, its supporters say, help avert future WannaCrys by reforming the Vulnerability Equities Process (CFO). And there appears to be renewed support for a return to marque and reprisal in cyberspace, as the House considers a "hack back law," the Active Cyber Defense Certainty Act (Graham Cluley). Observers are skeptical, and the ACDC bill was undergoing revision throughout the week (Threatpost).
How leaky are the intelligence services?
When the week began, observers were mulling the latest dump of WikiLeaks' Vault7, released on May 19th. This tranche contained an alleged CIA tool, the "Athena" implant, said to be able to infect any Windows system from XP through Windows 10 (ZDNet). This leak came on top of the ShadowBrokers' earlier release of "EternalBlue," which the Brokers said (and Microsoft publicly agreed, so this isn't just hacktivist gasconade) was a set of Equation Group tools illicitly obtained from NSA. So NSA has come in for a share of blame for WannaCry (CNBC). There were also reports of a very successful Chinese rollup of US intelligence assets in that country between 2010 and 2012 (New York Times). And, finally, the UK is said to be quite furious with the US for the way in which anonymous sources within the US Intelligence Community apparently told the press things about the Manchester bombing that, in the UK's view, would have been better left unsaid. (That's not just Prime Minister May's view, either: President Trump seems to agree.)