Russian ‘Ghost Ships’ Identified Near the Nord Stream Blasts

In December 2020, security giant Mandiant revealed it had been hacked. Its disclosure was the first public sign of the SolarWinds hack, a Russian-orchestrated supply chain attack that’s widely regarded as one of the biggest espionage hacks ever. Among its victims were the US Departments of Homeland Security, Energy, and Justice. This blow-by-blow retelling of the historic SolarWinds attack, from Kim Zetter, charts the ways the hackers pulled off the attack—and how they were eventually caught.

Anti-abortion group the American College of Pediatricians (ACPeds) suffered a significant data breach this week. The doctors’ organization, which sued the US government to ban the abortion drug mifepristone, left an unsecured Google Drive on its website, exposing a decade’s worth of email exchanges, financial and tax records, and more sensitive data. The details give an unprecedented view of the organization, which has been described as a “hate group” for its views on LGBTQ people.  While ACPeds—which is not a school at all—characterizes itself as a “scientific organization,” leaked records show its deeply evangelical Christian mission.

Security experts have promised a future where passwords will cease to exist for the best part of a decade. However, that reality took a big step forward this week—really!—as Google launched passkey logins for billions of people. The technique uses cryptographic keys that are stored on your devices to replace your old, insecure passwords.

Elsewhere, cops in the US, Europe, and nine other countries have arrested 288 people for their involvement in the dark web drug markets, including the site Monopoly Market, which was quietly taken offline in 2021. Facebook owner Meta has added new tools to its business accounts in an attempt to thwart bad actors abusing them, including who can become account administrators and access lines of credit.

But that’s not all. Each week, we round up the news we didn’t report in-depth ourselves. Click on the headlines to read the full stories. And stay safe out there.

Russian ships with underwater operations equipment have been identified as being near the sites of the Nord Stream gas pipeline explosions in the days before the blasts, according to a joint investigation from national broadcasters in Denmark, Norway, Sweden, and Finland. Journalists at the publications combined intercepted radio broadcasts from the ships with satellite images to pinpoint their locations and track their paths. It is the latest example of investigators piecing together different sources of data, from varying unconnected sources, to reveal new details about real-world events.

Three ships, according to the investigation, sailed from naval bases in Russia to near the blast sites in June and September 2022. All of the ships had turned off their location tracking AIS services, an act often described as “going dark” and commonly used for disguising activity. Among the vessels were the navy research ship Sibiryakov and a tugboat called SB-123, which is said to be capable of launching mini-submarines. (In November 2022, WIRED reported on the presence of “ghost ships” around the time of the explosions, but had no information on their identity.)

Separately, another Russian vessel, the SS-750, was near the pipelines four days before they were blown up. In response to a public records request, the Danish Defense Command confirmed to the Information, a Danish news site, that it had 26 photos of the SS-750 near the sites.