The Cyber Operations Tracker has just been updated. This update includes the state-sponsored incidents and threat actors that have been made public between January 1, 2018 and March 31, 2018. We also modified some older entries to reflect the latest developments and added a few historical cases we had previously missed.
A detailed log of the added and modified entries follow. A special thanks to Sasha Romanosky from RAND who submitted data to improve the tracker's accuracy. If you know of any state-sponsored cyber incidents that should be included, you can submit them to us here.
Deletions from the Database
Compromise at NASDAQ. This entry was deleted because new details reveal that the incident may have been criminal in nature, not a state-sponsored cyber operation.
Edits to Old Entries
Ocean Lotus. Added the Association of Southeast Asian Nations as a victim.
APT 28. Added that Estonian intelligence services associate this threat actor with Russian military intelligence (GRU) and ascribed new victims to it.
Turla. Added that Estonian intelligence services associate this threat actor with the Russian Federal Security Service (FSB).
The Dukes. Added that Estonian intelligence services associate this threat actor with the FSB and Russian Foreign Intelligence Service (SVR).
NotPetya. Added a reference to the Australian, Danish, American, and British claims of attribution to Russian state-sponsored actors.
Leviathan. Added a reference to its alternate name (TEMP.Periscope), state-sponsor, and victims.
Black Energy. Added a reference to its alternate name, Voodoo Bear.
MuddyWater. Added a reference to its alternate name (TEMP.Zagros) and state-sponsor.
APT 10. Added a source to a Cylance report on this threat actor.
Compromise of the Dukes
Compromise of computer networks associated with the 2018 Pyeongchang Winter Olympic Games
Compromise of an air-gapped German government network
Indictment of officials from the Mabna Institute
Targeting of foreign ministries
Targeting of a European defense agency
Targeting of global financial organizations and bitcoin users
Targeting of consulates and embassies in Eastern Europe
Compromise of Community Health Systems