Iranian laser-pointing and other dangerous games in the Strait of Hormuz. On Tuesday evening, “an Iranian warship had shined a spotlight and laser at an American military helicopter accompanying two U.S. Navy vessels sailing through the strategic Strait of Hormuz,” CBS News reported Wednesday.

How it happened: “An Iranian Navy Houdong-class guided-missile boat came within 800 yards of a formation of amphibious assault ship USS Bataan (LHD-5), guided-missile destroyer USS Cole (DDG-67) and dry cargo ship USNS Washington Chambers (T-AKE-11) and harassed the formation beginning with shining a spotlight on Cole,” U.S. Naval Institute News reported. Said Cmdr. Bill Urban, a spokesman for the U.S. Fifth Fleet in Bahrain, “The Iranian vessel then proceeded to turn its spotlight on Bataan, scanning the ship from bow to stern and stern to bow before heading outbound from the formation.”

Afterward, “the Iranian vessel trained a laser on a CH-53E helicopter that accompanied the formation,” Urban told USNI News. That laser, USNI was told by a Navy official, "triggered the CH-53’s countermeasure system."

At least one problem with all this: “Illuminating helicopters with lasers at night is dangerous as it creates a navigational hazard that can impair vision and can be disorienting to pilots using night vision goggles,” said Urban in a statement to the public.

FWIW: “There were 35 incidents considered unsafe or unprofessional during 2016,” according to The Wall Street Journal, citing military officials. “Most were incidents on the water, while some were considered threatening to aircraft, said one of the officials. So far this year, there have been fewer such incidents, but it is not clear what has contributed to the decline.”

From Defense One

At BALTOPS, It's Back to Prepping for High-End Warfare // Magnus Nordenman: The annual NATO exercise in tight Baltic waters, grown a bit sleepy after the Cold War, has snapped back into serious intensity.

The US Government Is Still Installing Russian Software on Its PCs // Joseph Marks: The intelligence community is aghast, but the rest of the federal government keeping buying anti-virus tools from Moscow-based Kaspersky.

DHS, FBI Alert About North Korean Hacking Campaign // Joseph Marks: It’s rare for the government to attribute cyber mischief to a nation-state.

After A Shooting, What Do Security Pros Do Behind Closed Doors? // Patrick Tucker: Wednesday's attack on a congressional baseball practice will trigger re-evaluations of security posture, and decisions on next steps.

It's Getting Harder to Draw Lessons from Today's Wars // Adin Dobkin: The researchers compiling the U.S. Army's accounts of Iraq and Afghanistan have an overwhelming yet spotty volume of material to work through.

CIA’s Cloud is ‘Pretty Close’ to Invincible, CIO Says // Frank Konkel: The agency wants to operate more like commercial companies, not the government, CIA CIO John Edwards said.

Welcome to Thursday’s edition of The D Brief by Ben Watson and Bradley Peniston. #1864: The first burials are authorized at Arlington National Cemetery. Got tips? Email us at the-d-brief@defenseone.com. (And if you’re reading this on our website, consider subscribing. It’s free.)

Trump himself is under investigation, Washington Post reports. The FBI appointee overseeing the probe “into Russia’s role in the 2016 election is interviewing senior intelligence officials as part of a widening probe that now includes an examination of whether President Trump attempted to obstruct justice, officials said. The move by special counsel Robert S. Mueller III to investigate Trump’s conduct marks a major turning point in the nearly year-old FBI investigation, which until recently focused on Russian meddling during the presidential campaign and on whether there was any coordination between the Trump campaign and the Kremlin.” Read on, here.

Wired has a look at the high-powered investigatory and legal talent that Mueller is assembling, here.

Also Wednesday: the Senate voted 97-2 to “strip the president of the power to unilaterally lift existing sanctions against Russia.” NYT, here.

Off the Red Sea coast of Yemen, a UAE ship was damaged by a rocket, injuring one crew member. The rocket is believed to have been fired by Houthi forces, the Saudi-led coalition said in a short statement Wednesday.

Worth noting: a Tuesday headline from Iran’s state-run Tasnim news agency, “Yemeni Forces Hit Saudi Warship off Southwestern Coast of Yemen ‘with a special and advanced weapon.’” The location of the encounter (Mocha port) lines up with the Saudi statement. But good luck figuring out from the Tasnim story just exactly what “special and advanced weapon” they’re talking about. Tasnim, here.

Also in the region: Two U.S. ships recently arrived to Qatar for some usefully-timed training with their host navy today, Saudi-owned Al-Arabiya news reported Wednesday. The ships are reportedly “docked in Hamad Port, south of the capital Doha, according to the Middle East Eye.

Qatar is praising the new $12-billion deal that will send U.S. F-15 jets to a nation embroiled in regional diplomatic crisis, Reuters reports this morning from Doha. "This is of course proof that U.S. institutions are with us but we have never doubted that," a Qatari official in Doha told Reuters. "Our militaries are like brothers. America's support for Qatar is deep-rooted and not easily influenced by political changes."

It’s a legacy deal from the Obama administration, and it covers “as many as” 36 aircraft, according to Bloomberg, which first reported on the deal Wednesday. “Qatar’s Defense Ministry said the deal would create 60,000 jobs in 42 U.S. states while reducing the burden on U.S. forces. The F-15 accord will lead to ‘closer strategic collaboration in our fight to counter violent extremism and promote peace and stability in our region and beyond,’ the ministry said Wednesday in a statement.” Read the rest, here.

The NSA has linked the WannaCry computer worm to North Korea, the Washington Post reported Thursday, citing unnamed officials. “The assessment, which was issued internally last week and has not been made public, is based on an analysis of tactics, techniques and targets that point with ‘moderate confidence’ to North Korea’s spy agency, the Reconnaissance General Bureau.”

The alleged goal, and where it went off the rails: “WannaCry was apparently an attempt to raise revenue for the regime, but analysts said the effort was flawed. Though the hackers raised $140,000 in bitcoin, a form of digital currency, so far they have not cashed it in, the analysts said. That is likely because an operational error has made the transactions easy to track, including by law enforcement.”

Why the NSA is thinking Pyongyang is the culprit: a “preponderance of the evidence...includes the range of computer Internet protocol addresses in China historically used by the RGB, and the assessment is consistent with intelligence gathered recently by other Western spy agencies.” Read on, here.

In the Philippines: one high-level insurgent down, seven of his brothers to go. Reuters: “The Philippines military said it arrested one of the Maute brothers on Thursday, a senior member of the Islamic State-backed militants it is fighting in a southern city. Mohammad Noaim Maute was arrested at a checkpoint near the coastal city of Cagayan de Oro just after dawn," according to the Philippine military.

"Two of Mohammad's brothers, Omarkhayam and Abdullah, lead the Maute gang that is at the forefront of a vicious battle with security forces for Marawi City, now in its fourth week...Most of the other seven Maute brothers, including Omarkhayam and Abdullah, are believed to be in Marawi." More here.

ICYMI: Piracy and gun-running in southeast Asia. The Philippines, Indonesia, and Malaysia are all “on high alert for fighters returning home from Islamic State frontlines in Syria and Iraq,” Reuters reported Tuesday. Their report takes a regional look at “militants, pirates, drug traffickers, gun runners” in a preview of a joint exercise next week between the four nations “using reconnaissance planes and drones” over the Sulu Sea. Story, here.

Happening today: The House Foreign Affairs subcommittee hears from Vice Adm. Joseph Rixey, director of the U.S. Defense Security Cooperation Agency, and State's Tina Kaidanow, acting assistant secretary for the Bureau of Political-Military Affairs. The topic: foreign military sales. Gets under way at 10 a.m. EDT. Details here.

While you’re at it, feel free to pick up this special Defense One eBook on the very same topic (published in March and free with registration).

Also today (after lunch): Australian Ambassador Joe Hockey speaks about the state of the US-Aussie relationship at 1 p.m. EDT at the Stimson Center in Washington. Livestream it here.

And finally: A U.S. Navy sailor from the cruiser Shiloh, presumed overboard and dead after a days-long search-and-rescue effort off the coast of Japan, was found hiding in one of the ship’s engine rooms, sources tell Navy Times.

Tweeted Jerry Hendrix, a retired Navy captain and occasional Defense One contributor: “I don't even want to think about what this Captain's mast is going to be like. I take that back. I would want to sell tickets to it.”