Search This Blog

Showing posts with label United States. Show all posts

United States rejected Putin's offer to cooperate on cybersecurity

The US authorities for the first time publicly responded to the proposal of Russian President Vladimir Putin to resume cooperation in the field of international information security. US Assistant Attorney General for National Security John Demers called the Kremlin's initiative "nothing more than false rhetoric, cynical and cheap propaganda.” And Secretary of State Mike Pompeo said that Russia is dismissive of public security and international stability in cyberspace.

On September 25, Vladimir Putin invited the US authorities to resume cooperation in the field of international information security, which began in 2013 but was frozen due to disagreements over Ukraine and Russia's alleged interference in the 2016 US presidential election.

The President of the Russian Federation then stated that the dialogue in the cyber sphere should not be a "hostage" of political disputes, and proposed a four-point program for restoring cooperation.

In a statement, the Russian President said that "the risk of a large-scale confrontation in the digital sphere is one of the main strategic challenges of our time." "Special responsibility" for preventing cyberwarfare lies, as the Kremlin said, "on key players in the field of international information security," that is, primarily on Russia and the United States.

On October 7, in an interview with the Russia TV channel, Vladimir Putin complained that there was no response to his proposal from the United States. "Unfortunately, as with a number of our other initiatives, there is no response to this, I believe, very important topic, although there are continuing complaints against us about our hyperactivity in the information sphere, interference in elections there, and so on, which have absolutely no basis,” said Mr. Putin.

The Russian Embassy denies the US charge of six Russians in hacking

The Russian Embassy in Washington denies US accusations against Russian citizens of hacking and destabilizing activities around the world

Russia has not been and is not engaged in carrying out cyberattacks in the world, said the Russian Embassy in Washington. The Department believes that the accusation of Russians in hacking is aimed at warming up Russophobic sentiments.

Earlier, the US Department of Justice and the FBI brought charges against six Russians of involvement in a series of hacker attacks and the spread of malware in order to attack the infrastructure of other countries. In particular, they are charged with spreading the NotPetya virus in 2017. It is alleged that these individuals are GRU employees. 

The Russian Embassy said that Russia "has no intention of engaging in any destabilizing operations around the world", as this does not correspond to foreign policy and national interests.

"It is quite obvious that such information occasions have nothing to do with reality and are aimed only at warming up Russophobic sentiments in American society, at deploying a "witch hunt" and espionage,” said the Embassy. According to the document, the US authorities are destroying Russian-American relations and artificially imposing on the Americans "a toxic perception of Russia and everything connected with it."

According to the US Department of Justice, the damage to the United States from the actions of Russian hackers amounted to more than $1 billion. They attacked companies and hospitals in the United States, Ukraine's energy systems, the French presidential election, and the Winter Olympics in Pyeongchang. US Secretary of State Mike Pompeo said this shows Russia's disregard for public security and international stability in cyberspace.

Threats to U.S. Space Systems Multiply Rapidly; a Novel Approach Emerges For Protection



The increasing vulnerability of U.S. space systems lately has incited its rivals to begin with their development of mechanisms for disabling space assets as a method of 'hobbling the joint force' and subverting the economic performance of the nation.

The purpose of this progression is the dependence of America's military forces which are spread across the world for communications, navigation, reconnaissance, and weather forecasts and that the most critical infrastructure sectors in the U.S. economy depend on space frameworks for fundamental administrations.

As of late certain reports from intelligence agencies indicate that enemies have now started focusing not only on satellites, but also on the ground stations that control them, the links between the satellites and the stations, and the ability of the users to access certain services, like the Global Positioning System.

The reports depict various ways in which the U.S. space capabilities may be debased, from electronic jamming of signs to high-power lasers that visually impair sensors to physical attacks on control centers.

It is clearly evident that the dangers to the U.S. space system are increasing consistently, and cyber-attacks offer the broadest exhibit of alternatives to the greatest grouping of troublemakers. 

Against that background, just the previous month a national-security contractor ManTech, came up with a 'novel approach' to deal with protecting military, intelligent, and commercial space assets against cyber-attacks.

Dubbed as Space Range, and it permits users to 'replicate' space networks in a controlled environment with the goal that their vulnerability to cyber aggression can be evaluated. The $2 billion company headquartered in Northern Virginia, has been doing this kind of work for quite a while. It had created the defense department's first cyber test range in 2009, and three years ago even launched an Advanced Cyber Range Environment.

Space Range, which began on May 4, is unique in the sense that it permits profoundly talented cyber experts to attacks exact replicas of satellites, ground stations, uplinks/downlinks, and so forth in a hyper-realistic environment that is air-gapped from the outside world.

As a company press release puts it that gives players the “ability to find hidden vulnerabilities, misconfigurations and software bugs on precise network replications.” The entire framework depends on a software-defined infrastructure model that can be reconfigured in hours as opposed to weeks.

That good news when time and money of the users is concerned, however, the most significant feature of Space Range is that it offers engineers and operators a protected and legitimate setting where to practically investigate the 'hardening' of their overhead resources against cyber-attack.

Nevertheless, with space quickly turning into a field of extraordinary competition, there isn't a lot of uncertainty that the Pentagon's recently introduced Space Force will be 'robustly funded' going ahead.

ManTech's Space Range will in no time, probably transform into a significant tool in assisting the government and industry to figure out where training and hardening outlays should be concentrated.

Kremlin commented on the plans of the US cyber command


Member of the State Duma Committee on International Affairs, Elena Panina, considers the tactics of countering possible "interference in elections", which the US cyber command is developing, as direct aggression against Russia.

Earlier, the Washington Post reported that the US cyber command is developing information warfare tactics against high-ranking Russian officials and businessmen in case Moscow tries to interfere in the 2020 elections. The goal of the cyber command may be representatives of the Russian elite.

"Attempts by the American side to present these plans as "defensive", as a possible response to the case of "interference in the American elections" look ridiculous. In fact, we are talking about the threat of direct aggression against Russia in the information space," said Panina.
According to her, the cynical nature of these actions is manifested in the fact that the United States decided to publicly blackmail Russian political and business elites, threatening to hack e-mail and invade personal space.

She believes that the purpose of public disclosure of such plans is an attempt to intimidate the Russian political class. "Such actions are more typical for a criminal group than for a legal State," stated Panina.

In addition, a member of the Federation Council Committee on Foreign Affairs, Sergei Tsekov, stated that there is nothing original in the published plans for conducting an information war.

"The United States is always waging an information war against Russia. This is the meaning of life for the American community. So there is nothing original in this statement. As for countering Russian" interference " in the elections, the Americans have already achieved a 100% effect. Russia has never interfered in the election process and is not going to," said he.

The Senator also expressed the opinion that the effect of any American tactics of conducting an information war against Russia "will be very weak".

"Russian society is consolidated and understands very well the nature and mentality of the American community. So we do not give in to any propaganda on their part," concluded Tsekov.

Recall that US intelligence agencies accused Russia of interfering in the election campaign before the 2016 presidential election. Later, a commission was formed to investigate these circumstances, led by special prosecutor Robert Muller, the former head of the FBI. 

The Kremlin opposed cross-border persecution of Russians in the United States


Dmitry Peskov, the Press Secretary for the President of Russia, commenting on the largest award in history appointed for Russian hacker Maxim Yakubets, said that Moscow opposes cross-border persecution of Russians by the American authorities. The State Department announced awards of $5 million for information that would help detain the Russian Maxim Yakubets. American authorities consider this citizen of the Russian Federation the leader of the hacker group Evil Corp.

"The Russian side has repeatedly offered cooperation [in the fight against cybercrime], and our proposals were undesirable and misunderstood," said the Kremlin representative.

According to Peskov, Moscow considers crimes in the cybersphere very serious, the people who committed them should bear the deserved punishment.

"We traditionally advocate for cooperation in the investigation of such crimes and the capture of criminals, but in this case, we can't speak about cooperation, this is not our fault," said the representative of the Kremlin.

On December 5, the US State Department announced its readiness to pay $5 million for information that will help detain the alleged leader of the hacker group Evil Corp (also known as the Dridex Gang) Maxim Yakubets. This award was the largest in history of all that has ever been nominated for the head of a cybercriminal. Earlier, another Russian Evgeny Bogachev was the “leader” in this indicator, for whom in 2015 a prize of $3 million was offered.

Us and UK authorities accuse Yakubets of leading a group of hackers who stole more than $100 million. According to the US Treasury, Evil Corp is responsible for the development and distribution of the malware Dridex, used to infect the computers of 300 banks and financial companies in more than 40 countries.

According to Washington, Yakubets also provided direct assistance to the Russian government. The US Treasury Department claims that Yakubets worked for the FSB of Russia in 2017, and in April 2018 was allegedly in the process of obtaining permission from the FSB to work with Russian secret documents.

Facebook Dating Service available in 20 countries


Facebook has launched one of its most awaiting features; Facebook dating service in the United States and other 19 countries for its users who are above 18 years or older.

Currently, dating feature would be available in countries including US, Bolivia, Canada, Brazil, Argentina, Singapore, Suriname, Thailand, Laos, Guyana, Ecuador, Chile, Bolivia, Philippines, Mexico, Paraguay, Peru, Columbia,  Vietnam, and Malaysia.

Facebook said that they would launch a dating service in Europe in early 2020. While there is no word when they would launch the service in South East Asia.

"Today people are asked to make a decision as to whether or not they like someone immediately based on a static profile. To help you show, rather than tell, who you are, we're bringing Stories to Dating," Facebook blog post.

The user can create a dating profile, which will be entirely different and separate from the main profile.  People can integrate their Instagram posts in a dating profile, by the end of the year, and they would be able to add Instagram followers to their Secret Crush lists, in addition of their Facebook friends.

"By the end of the year, we'll make it possible to add Facebook and Instagram Stories to your Dating profile too,"  Facebook wrote in a blog post.

The dating service won't match you with your  Facebook friend until you choose to use Secret Crush and your crush too should have added you to their crush list.

"All of your Dating activity will stay in Facebook Dating. It won't be shared to the rest of Facebook," said the company.

"Finding a romantic partner is deeply personal, which is why we built Dating to be safe, inclusive and opt-in. Safety, security and privacy are at the forefront of this product," blog post.

Facebook fined $5bn over Cambridge Analytica scandal










US regulators the Federal Trade Commission (FTC) has approved a fine of $5 billion on Facebook to settle an investigation into Cambridge Analytica scandal, reports in US media. 

The commission was investigating the data breach that that affected more than 87 million Facebook users. 

The main focus of the investigation was to find out whether Facebook had violated a 2011 agreement which prohibits companies from obtaining users data without notifying them. 

"With the FTC either unable or unwilling to put in place reasonable guardrails to ensure that user privacy and data are protected, it's time for Congress to act," US Senator Mark Warner said.

The fine of $5bn was sanctioned by the FTC in a 3-2 vote with Republican commissioners in favor and Democrats opposed.

According to the New York Times report the Democrats wanted to take stricter action against the firm,  while other Democrats criticized that the fine is too less. 







US cyber attacks on Iranian targets not successful: Minister

U.S. cyber attacks against Iranian targets have not been successful, Iran's telecoms minister said on Monday, within days of reports that the Pentagon had launched a long-planned cyber attack to disable his country's rocket launch systems.

Tension runs high between longtime foes Iran and the United States after U.S. President Donald Trump on Friday said he called off a military strike to retaliate for the Middle East nation's downing of an unmanned U.S. drone.

U.S. President Donald Trump said on Saturday he would impose fresh sanctions on Iran but that he wanted to make a deal to bolster its flagging economy, an apparent move to defuse tensions following the shooting down of an unmanned U.S. drone this week.

On Thursday, however, the Pentagon launched a long-planned cyber attack, Yahoo News said, citing former intelligence officials. The cyber strike disabled Iranian rocket launch systems, the Washington Post said on Saturday.

"They try hard, but have not carried out a successful attack," Mohammad Javad Azari Jahromi, Iran's minister for information and communications technology, said on social network Twitter.

"Media asked if the claimed cyber attacks against Iran are true," he said. "Last year we neutralised 33 million attacks with the (national) firewall."

Azari Jahromi called attacks on Iranian computer networks "cyber-terrorism", referring to Stuxnet, the first publicly known example of a virus used to attack industrial machinery, which targeted Iran's nuclear facilities in November 2007.

Stuxnet, widely believed to have been developed by the United States and Israel, was discovered in 2010 after it was used to attack a uranium enrichment facility in the Iranian city of Natanz.

Washington accused Tehran of stepping up cyber attacks.

Officials have detected a rise in "malicious cyber activity" directed at the United States by people tied to the Iranian government, Chris Krebs, director of the Department of Homeland Security's cybersecurity agency, said on Saturday on Twitter.

US Cyber Command launched a digital strike against an Iranian spy group





The United States’s Cyber Command launched a retaliatory digital strike against an Iranian spy group that is believed to be behind a series of attack on commercial ships, according to two former intelligence officials.

The Iranian spy group has ties with the Iranian Revolutionary Guard Corps, a division of Iran’s Armed Force group. For the past several years, they have been digitally targeting the military and civilian ships that are passing through the economically important Strait of Hormuz. 

The exact details of the retaliatory strike are unknown. However, the strike against the group is said to have taken place on the same day when Iran shot down $180million unmanned US surveillance drone. 

A Pentagon spokesperson only told Yahoo News that 'as a matter of policy and for operational security, we do not discuss cyberspace operations, intelligence or planning.'


Telegram hit by DDoS attack





A most secure messaging app Telegram has been hit by a "powerful" distributed denial-of-service (DDoS) attack on Wednesday morning.

The app was down for many users across the globe, but people in the United States were most badly affected by this attack, according to DownDetector.

The  company said in a tweet, ‘We’re currently experiencing a powerful DDoS attack, Telegram users in the Americas and some users from other countries may experience connection issues.’

The app was down for just a little over an hour, and in the meantime, the company tweeted an explanation of how a DDoS attack works.

"Imagine that an army of lemmings just jumped the queue at McDonald's in front of you – and each is ordering a whopper," Telegram tweeted. "The server is busy telling the whopper lemmings they came to the wrong place – but there are so many of them that the server can't even see you to try and take your order."

The firm described the whole mechanism of how hackers accomplish a DDoS attack.

"To generate these garbage requests, bad guys use 'botnets' made up of computers of unsuspecting users which were infected with malware at some point in the past. This makes a DDoS similar to the zombie apocalypse: one of the whopper lemmings just might be your grandpa," the company said in another tweet.

However, Telegram said that every users’ data was safe, there was no kind of data hack through the whole attack. 

"There's a bright side: All of these lemmings are there just to overload the servers with extra work – they can't take away your Big Mac and Coke," the company tweeted.

Telegram refused to respond to a request for comment. 





3 million dollar was stolen from Investment company through email hacking scam




According to authorities, Two con artists from New Jersey and their team hacked into several corporate accounts stealing almost $3 million which was meant for a Manhattan real state transaction on Thursday.

The fraud took place after two foreigners gained access to the corporate email account of the investment company, they were keeping eye on potential investment deals through the emails. The name of the investment firm has not been revealed.

Before a deal of $2.8 million dollar was done, the foreigners emailed the investment company fraudulent account details that appeared to be coming from intended recipient. According to the prosecutors, the two foreigners who planned and stole the money from investment company are known by the name  Estarlin Reynoso and  Lucy Beswick

According to the court papers, Beswick, 27 instructed  Reynoso, 29, step by step on how to open a business account and how to wire the stolen funds through the whatsapp messaging service.

Manhattan DA Cyrus Vance said “New Yorkers whose jobs include wiring money should pay attention to this case, Business email compromises cause billions in worldwide losses each year, but there are steps that companies large and small can take to avoid becoming a victim.”

Vance has suggested businesses to be careful of the authenticity of the emails. They should be verified through verbal communication if transfer of funds are involved.He also suggested to use anti-phishing tools to authenticate emails.

According to the Prosecutor, Reynoso transferred funds to three different banks in China before the fraud was detected. Both the accused were charged with Larceny,identity theft and criminal possession of stolen funds.
The investment company was able to recover most of the funds. Beswick was freed without bail while Reynoso was released on bail for $10000.

Hackers charged with stealing $ 2.4 million



A group of hackers from the cybercrime group known as “The Community” charged in the U.S for “Sim Hijacking” attack and commit wire fraud along with 3 former employees of mobile phone providers.

All the 6 members of “The community ” group alleged to have participated in thefts of victims’ identities and used the data to steal cryptocurrencies via SIM Hijacking attack also known as SIM Swapping.

“SIM Hijacking” or “SIM Swapping” is an identity theft technique that exploits a common cyber-security weakness – mobile phone numbers.

This special technique used by hackers to gain control of victims’ mobile phone number in order to route the victims mobile traffic such as phone calls and short message service (“SMS”) messages through the devices controlled by “The Community”.

According to the fifteen-count indictment unsealed, SIM Hijacking was accomplished by a member of “The Community” contacting a mobile phone provider’s customer service—posing as the victim—and requesting that the victim’s phone number be swapped to a SIM card (and thus a mobile device) controlled by “The Community”. Later, Hijacked new SIM will be used as a gateway to gain control of online accounts such as a victim’s email, cloud storage, and cryptocurrency exchange accounts.

Here is the list of 6 “The Community” 3 former employee of mobile phone provider.

Conor Freeman, 20, of Dublin, Ireland

Ricky Handschumacher, 25 of Pasco County, Florida

Colton Jurisic, 20 of, Dubuque, Iowa

Reyad Gafar Abbas, 19, of Rochester, New York

Garrett Endicott, 21, of Warrensburg, Missouri

Ryan Stevenson, 26, of West Haven, Connecticut

Charged in the criminal complaint were:

Jarratt White, 22 of Tucson, Arizona

Robert Jack, 22of Tucson, Arizona

Fendley Joseph, 28, of Murrietta, California

Unprotected database exposes data of 80 million US households




Security researchers have uncovered a security breach that exposes the data of more than half of United States households. 

Experts working with a firm named vpnMentor, that expertises in analyzing virtual private network services, discovered a database containing details of about 80 million American households. 

The database was hosted on a Microsoft cloud server, that includes some sensitive information like names, addresses, locations, gender, age, income, home type and marital status, among other data. 

However, social security numbers and credit card details were not enlisted there. 

Researchers Ran Locar and Noam Rotem said it's unclear who owns the 24-gigabyte database.  

'Unlike previous leaks we've discovered, this time, we have no idea who this database belongs to,' the researchers said. 

'It's hosted on a cloud server, which means the IP address associated with it is not necessarily connected to its owner.'  

Meanwhile, the database is still available online, and is not protected by password. 

'This isn’t the first time a huge database has been breached,' the researchers explained. 

'However, we believe that it is the first time a breach of this size has included peoples' names, addresses, and income. 

'This open database is a goldmine for identity thieves and other attackers,' they added.  






WikiLeaks‘ founder Assange arrested after seven years hide out inside Ecuador embassy







British police has finally arrested the WikiLeaks founder Julian Assange from the Ecuadorian embassy in London after Ecuador government withdrew asylum citing his bad behavior. 

The arrest has closed the seven year long dramatic stint which could end up in landing in a United States prison as he is facing  a hacking conspiracy charge.

According to an indictment Assange conspired with former Army intelligence analyst Chelsea Manning to steal, and publish classified documents. 

Soon after his arrest, Assange appeared before Westminster Magistrates’ Court, where District Judge Michael Snow found  him guilty for breaching his bail conditions, flatly rejecting his assertion that he had not had a fair hearing and a reasonable excuse for not appearing.

“Mr. Assange’s behavior is that of a narcissist who cannot get beyond his own selfish interests,” Snow said. “He hasn’t come close to establishing ‘reasonable excuse.’”

While, Assange waved to the public from the gallery as he was taken to the cells. His next appearance would be on May 2 via prison video-link for his extradition case.

Whereas his attorney, Jennifer Robinson, said he will fight any extradition to the U.S.

“This sets a dangerous precedent for all journalist and media organizations in Europe and around the world,” she said. “This precedent means that any journalist can be extradited for prosecution in the United States for having published truthful information about the United States.”

U S disaster relief agency leaks private data of hurricane survivors


The U.S. Agency for International Development (USAID) is activating a Disaster Assistance Response Team (DART) to Mozambique to lead the U.S. Government's response to Cyclone Idai, which has caused catastrophic flooding, killed hundreds of people, and affected hundreds of thousands of others in Mozambique, Zimbabwe, and Malawi.

The US Federal Emergency Management Agency exposed 2.3 million disaster survivors to possible identity theft, according to the new report.

To date, USAID has mobilized $700,000 in total assistance to support emergency water, sanitation, hygiene, and shelter needs in Mozambique, Zimbabwe, and Malawi caused by torrential rain and flooding in early March, followed by Cyclone Idai. Of this, $200,000 is for relief efforts in Mozambique in response to the damage caused by Cyclone Idai, and $500,000 was provided to Mozambique, Zimbabwe, and Malawi in response to the flooding earlier in the month.

Those exposed by the breach included survivors of Hurricane Harvey, which hit Texas in 2017. The report finds Fema unnecessarily shared personal information, including bank details, with the outside contractor while applying for transitional sheltering in hotels, according to a report by the Office of Inspector General. The name of the contractor was not made public.

The USAID DART, an elite team of US disaster experts, will assess damage, identify humanitarian needs, and work closely with local authorities and humanitarian organizations on the ground to provide critical assistance to people affected by the cyclone. The storm, which has destroyed homes, livelihoods, and public infrastructure, follows a week of heavy rains and flooding across Southeast Africa that had already displaced tens of thousands of people.

Fema admitted the leak but said it had found no evidence that the improperly shared data was compromised.

“Since the discovery of this issue, Fema has taken aggressive measures to correct this error,” Fema press secretary Lizzie Litzow said in a statement. “Fema is no longer sharing unnecessary data with the contractor and has conducted a detailed review of the contractor’s information system,” she added.

Pilots still waiting for Software Update of Boeing, which was promised last year






After a deadly crash of the Lion Air 737 MAX 8 in Indonesia in last October, company officials have met pilot union, and said that they are planning to the software for their 737 Max jets, but till now there has not been a single update.

Meanwhile, addressing the issue, the United States regulators said the software update would be ready by April.

“Boeing was going to have a software fix in the next five to six weeks,” said Michael, the top safety official at the American Airlines pilots union. “We told them, ‘Yeah, it can’t drag out.’ And well, here we are.”

The planned software update would let pilots to detect the problem, and will them from recurrence of the same problem.  Boeing officials  believe that pilots doesn't need any special training in order to learn the functioning of the software update, but they just need a small briefing on how the software fix would function.

Marshall Islands to launch digital currency this year

The Marshall Islands' is gearing to release a digital currency this year, although officials acknowledged Friday there is much work still to be done to alleviate concerns of United States financial regulators as well as solve technological and logistical issues. However, the launch date of the currency, known as the "SOV", has yet to be decided.

“We plan to launch SOV this year,” said Barak Ben Ezer, chief executive officer of Neema, the Israel-based company that is partnering with the Marshall Islands government to develop the digital currency.

A primary issue for the launch is that following the boom in 2017 and early 2018, the crypto-currency market value has plummeted.

"We are working days and nights to prepare the foundations of the SOV initial coin offering, with the goal of being ready to launch once positive momentum is back to the markets," Ezer said.

"It will be done once all stakeholders are convinced that SOV is ready, risks have been mitigated, and momentum is building." Neema and the Marshall Islands are working through a multitude of US regulatory concerns as well as the technological and logistical side of issuing the SOV using blockchain technology.

The Marshall Islands, a tiny Pacific atoll nation with a population of just 55,000, passed legislation a year ago to develop digital currency as legal tender.

The plan has since been criticized by the International Monetary Fund, the US Treasury Department and bank officials in the Marshall Islands.

They argue it has the potential for a negative impact on existing banks and for money-laundering, but Ezer believed that once fully developed, the SOV will be one the safest monetary systems in the world.

The US Treasury has concerns about "anonymous digital currencies, such as Bitcoin, (which) are often used for illicit purposes by people who want to conceal their identity," Ezer said.

Cyberattacks can even take human lives

Cyberattacks by nation-states will soon kill people, either deliberately or unintentionally, a senior security researcher told attendees at the RSA Conference this week.

The May 2017 WannaCry attacks by North Korea and the NotPetya attacks by the Russian military in June 2017 shut down hospitals, disrupted shipping and cost hundreds of millions of dollars in losses — much of it in the form of collateral damage.

It is inevitable, she said during her RSA presentation yesterday (March 5), that future nation-state attacks on such scale will cause loss of life.

"I rarely get to stand up in front of groups and tell them that the news is getting better," Joyce told the crowd. "But if you have purely destructive malware backed by a nation-state, then where does that leave us?"

NotPetya, which targeted tax-collection software that every business in Ukraine was obliged to run, masqueraded as ransomware, Joyce explained. But it was impossible to decrypt the affected data even if a ransom was paid. The goal of NotPetya was purely destructive, and the destruction streamed outward from Ukraine to infect companies and other institutions in 65 other countries.
Part of the collateral damage was at U.S. hospitals, Joyce said, where some patients could not be immediately treated as a result.

"A friend of mine who was suffering from throat cancer was turned away and told to come back next week," Joyce said.

"If you have purely destructive malware backed by a nation-state, then where does that leave us?"
—Sandra Joyce, FireEye senior vice president


Had anyone died as a result of NotPetya, that would have been an unintended consequence of a specific attack on Ukraine's economy. But nation-state malware already exists that is designed to deliberately kill people, according to Joyce.

Bomb hoax suspect arrested in US

Multiple charges have been laid thanks to the efforts of multiple departments spanning two countries, stemming from 10 bomb threats, including one in a school, late last week.

The man at the centre of recent bomb threats in Taber, Alta, has made his first appearance in a U.S. courtroom. It's not the first time the 36-year-old suspect has been arrested for allegedly making threats.

Justin Bagley of Elkville, Illinois has been charged with 11 counts of felony disorderly conduct in connection to a series of bomb threats made in the Town of Taber that spanned over three days. Class 3/4 disorderly conduct felonies can carry sentences ranging from one to five years in prison in the state of Illinois on each charge.

Timothy Dalton Vaughn is suspected of being part of the Apophis Squad hacker group that was allegedly behind the pranking spree. LA's airport was one target for the Apophis hacker group.

On Friday, police said three schools in Taber received anonymous bomb threats via phone calls from an unknown individual. Investigations found there was no threat at any of the schools, according to police.

In a news release issued on Monday, the Jackson County state’s attorney in Illinois said Bagley has now been charged with “11 separate disorderly conduct counts of making false bomb threats.”

A joint investigation got underway on Saturday when police in Taber contacted the Jackson County Sheriff’s office in Illinois.

The Taber Police Service, Medicine Hat Police Service, Jackson County police and United States Department of Homeland Security all participated in the investigation.

One member of Apophis, Briton George Duke-Cohan, is serving a three-year jail sentence for aiding the attacks.

Jackson County Sheriff’s office noted investigators were able to track the phone number used to call the targets in Taber, leading to the arrest of Bagley. All told, an international suspect was able to be arrested within a 72-hour time frame from when the first bomb threat was received on Thursday night at Wal-Mart in Taber.