Why it matters: Shamoon is destructive malware that has only been seen in the wild three times since 2012 (and one of those is in dispute), including some of the most famous cyberattacks in history. Its return has raised eyebrows.
Stories by Joe Uchill
Trump's destabilizing "intervention" in Huawei CFO case
In an interview with Reuters, President Trump suggested he might be willing to trade an arrested Chinese executive for a better trade deal. Such an offer, experts tell Axios, is uncomfortably transactional, dangerous to U.S. institutions and alliances, and quite likely a constitutional no-no.
Background: The administration reportedly began discussing using Meng Wanzhou, chief financial officer of the global electronics giant Huawei, as a bargaining chip very soon after her arrest in Canada for violations of U.S. sanctions against Iran.
What Trump said: Answering a Reuters question about intervening in the Meng case:
The Department of Justice bristles at the suggestion it pursues any arrest with the purpose of advancing political negotiations. But Trump's statement gives that charge weight in this case.
- At a Congressional hearing Wednesday, Assistant Attorney General John Demers addressed the potential for the DOJ to be miscast: "What we do at the Justice Department is law enforcement.... It's very important for other countries to understand that we are not a tool of trade when we bring those cases."
- "Frankly," replied Sen. Richard Blumenthal (D-Conn.), "that's the danger of the president's statement. It makes it look like law enforcement is a tool."
- The DOJ, for its part, appears to have clean hands. The Huawei investigation dates back to 2016, 1 president and 2 attorneys general ago. It was not a spur-of-the-moment arrest.
Executive-branch norms: It's worth noting that the president likely does not have the right to interfere with DOJ investigations. Trump has had a few other scuffles over this very issue.
- Courts have never formally settled that issue, but the principle is deeply held in the U.S.
Campaign promises: Trump campaigned as the tough-on-Iran candidate, with reinstated sanctions a centerpiece of that strategy. Yet Huawei would be the second company, after ZTE, that he's been willing to forgive violating those sanctions.
Relations with Canada: Canada did not arrest a high-profile Chinese executive thinking the U.S. mainly intended to use her in trade negotiations.
- Trump's statement might have aided Meng's defense, which can now credibly say she's a political target. Per Reuters, that argument "would resonate in Canada where judges are particularly wary of abuse of the court system."
- Meanwhile, Canada now faces potential Chinese boycotts and possibly even the arrest of citizens abroad in China in retaliation.
The rule of law: In this situation — in a striking parallel to the case of Jamal Khashoggi, the U.S.-based journalist murdered by Saudi Arabia — Trump's position forthrightly elbows aside the law for transactional needs.
- "At its core, this is an Iran sanctions issue," said Elizabeth Rosenberg, a senior fellow at the Center for a New American Security, who worried blunting punishments for violating sanctions might encourage more violations.
U.S. business: If Canada faces Chinese retaliation, the U.S. might, too. One executive Axios interviewed had researched all of the countries that have extradition treaties with China to keep his employees safe.
- But it doesn't end there. "What about companies with Canadian supply chains?" asked Rosenberg. "They now have to figure out if they will be able to deliver products with parts that come from China."
Report: Iran hackers targeted emails of U.S. officials, nuclear experts
Hackers tied to the Iranian government targeted the personal emails of more than a dozen U.S. Treasury officials and other officials and individuals around the world linked to the Iran nuclear deal, according to an AP report.
Why it matters: The hacking attempts started just as the Trump administration begain to reinstate sanctions against the Iranian regime.
Details: The report relies on data from the cybersecurity firm Certfa. The campaign used a relatively simple phishing technique to dupe users — one example cited by the AP involved spoofed Gmail security pages. The email addresses that were targeted surfaced after the hacking group, known as Charming Kitten, mistakenly left one of its servers open online last month. The AP reports that Certfa was able to tie Charming Kitten to Iran based on mistakes that showed the collective as operating within the country.
- Targets also included "high-profile defenders, detractors and enforcers of the nuclear deal struck between Washington and Tehran, as well as Arab atomic scientists, Iranian civil society figures and D.C. think tank employees."