Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

Forget lone hackers and gangs of digital outlaws: Governments, acting for good and ill, have become the prime movers in the cybersecurity world.

What's happening: Three big stories this week drove home government's central role in a myriad of major breaches, hacks and scams.

1. Equifax: Monday, the Justice Department indicted four members of China's military for executing the 2017 Equifax data breach, which exposed the personal data of nearly 150 million Americans.

  • Equifax had already agreed to a settlement with state and federal authorities for hundreds of millions of dollars, one that focused on efforts to recompense consumers harmed by the breach and to provide incentives to businesses to batten down their hatches against similar future attacks.
  • By attributing the breach to China and bringing the receipts, the U.S. made clear that what had seemed to be a business story was in fact more about China's hunger for data on U.S. citizens — and the ability of its state-employed actors to execute one of the largest data heists in history.

2. Huawei: The Wall Street Journal reported Tuesday that U.S. officials say Huawei, the Chinese telecom giant, has been running a decade-long program of installing secret back doors in its equipment that allow it to monitor network traffic on behalf of the Chinese government.

  • The charges, which Huawei vehemently denies, repeat long-standing U.S. claims against the company, and many experts are critical of Huawei's close ties to the Chinese authorities. But the U.S. has never publicly provided evidence to back the charge.

3. The CIA: For nearly 50 years, a Swiss company called Crypto AG that sold encryption systems to governments around the world operated as a CIA front and enabled the U.S. to monitor those governments' secret communications, a remarkable Washington Post investigation revealed Tuesday.

  • The audacity, scope and span of the operation (from 1970 to 2018) make it "one of the most momentous and simply mind-boggling revelations in intelligence history," as Thomas Rid, professor of strategic studies at Johns Hopkins, said on Twitter.

Flashback: Even when governments aren't directly pulling the levers, their power shapes events in cybersecurity.

  • When a group that called itself the Shadow Brokers stole and shared a trove of NSA hacking tools in 2017, third parties grabbed the NSA code and transformed it into what became known as the WannaCry and NotPetya worms, which caused enormous damage to businesses worldwide.

The bottom line: Modest-size criminal attacks on individuals and businesses can be maddening and destructive, and they come from all directions. But increasingly, we're learning that massive-scale hacks and breaches almost always come with a government's fingerprints somewhere on them.

Go deeper

Texas AG sues Biden administration over deportation freeze

Texas Attorney General Ken Paxton speaks to members of the media in 2016. Photo: Alex Wong/Getty Images

Texas Attorney General Ken Paxton is suing the Biden administration in federal district court over its 100-day freeze on deporting unauthorized immigrants, and he's asking for a temporary restraining order.

Between the lines: The freeze went into effect Friday, temporarily halting most immigration enforcement in the U.S. In the lawsuit, Paxton claims the move "violates the U.S. Constitution, federal immigration and administrative law, and a contractual agreement between Texas" and the Department of Homeland Security.

Dan Primack, author of Pro Rata
1 hour ago - Podcasts

Carbon Health's CEO on unsticking the vaccine bottleneck

President Biden has said that getting Americans vaccinated for COVID-19 is his administration’s top priority given an initial rollout plagued by organizational, logistical and technical glitches.

Axios Re:Cap digs into the bottlenecks and how to unclog them with Carbon Health chief executive Eren Bali, whose company recently began helping to manage vaccinations in Los Angeles.

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!