The items listed below represent potential emerging issues that our analysts are tracking. These can be long term or short term, but will be updated daily. If an item on our Watch List becomes critical, we will email you a full analysis explaining its significance.
Each Saturday, we will follow up our daily Watch List for each week with our conclusions on these issues.
- Saudi Arabia: Late May 15, extremists attacked Saudi security forces using a rocket-propelled grenade in Qatif province, killing one soldier. Another attack in Qatif on May 12 targeted laborers at a development project. We need to determine if this is the beginning of a new stage of Shiite unrest in Saudi Arabia’s oil-producing eastern provinces.
- Cyberattack: Shadow Brokers, the group that leaked the vulnerability in Windows software that enabled the WannaCry malware attack to rapidly spread May 12, has announced that in June it will begin leaking and selling new tools that can be used to launch more attacks. In addition to the vulnerabilities logged by the National Security Agency, the group claims to have stolen information related to the SWIFT wire transfer service and Russian, Chinese, Iranian and North Korean nuclear and missile programs. We have already seen how such an attack can disrupt critical systems; we need to continue to monitor this situation to see if Shadow Brokers follows through with its threat and, if it does, what information it reveals. As of May 17, roughly 300,000 computers had been attacked and $80,000 had been wired to the bitcoin accounts associated with the ransomware program.