Illustration: Aïda Amer/Axios
Forget lone hackers and gangs of digital outlaws: Governments, acting for good and ill, have become the prime movers in the cybersecurity world.
What's happening: Three big stories this week drove home government's central role in a myriad of major breaches, hacks and scams.
1. Equifax: Monday, the Justice Department indicted four members of China's military for executing the 2017 Equifax data breach, which exposed the personal data of nearly 150 million Americans.
- Equifax had already agreed to a settlement with state and federal authorities for hundreds of millions of dollars, one that focused on efforts to recompense consumers harmed by the breach and to provide incentives to businesses to batten down their hatches against similar future attacks.
- By attributing the breach to China and bringing the receipts, the U.S. made clear that what had seemed to be a business story was in fact more about China's hunger for data on U.S. citizens — and the ability of its state-employed actors to execute one of the largest data heists in history.
2. Huawei: The Wall Street Journal reported Tuesday that U.S. officials say Huawei, the Chinese telecom giant, has been running a decade-long program of installing secret back doors in its equipment that allow it to monitor network traffic on behalf of the Chinese government.
- The charges, which Huawei vehemently denies, repeat long-standing U.S. claims against the company, and many experts are critical of Huawei's close ties to the Chinese authorities. But the U.S. has never publicly provided evidence to back the charge.
3. The CIA: For nearly 50 years, a Swiss company called Crypto AG that sold encryption systems to governments around the world operated as a CIA front and enabled the U.S. to monitor those governments' secret communications, a remarkable Washington Post investigation revealed Tuesday.
- The audacity, scope and span of the operation (from 1970 to 2018) make it "one of the most momentous and simply mind-boggling revelations in intelligence history," as Thomas Rid, professor of strategic studies at Johns Hopkins, said on Twitter.
Flashback: Even when governments aren't directly pulling the levers, their power shapes events in cybersecurity.
- When a group that called itself the Shadow Brokers stole and shared a trove of NSA hacking tools in 2017, third parties grabbed the NSA code and transformed it into what became known as the WannaCry and NotPetya worms, which caused enormous damage to businesses worldwide.
The bottom line: Modest-size criminal attacks on individuals and businesses can be maddening and destructive, and they come from all directions. But increasingly, we're learning that massive-scale hacks and breaches almost always come with a government's fingerprints somewhere on them.