Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Searching for smart, safe news you can TRUST?

Support safe, smart, REAL journalism. Sign up for our Axios AM & PM newsletters and get smarter, faster.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Minneapolis-St. Paul

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa-St. Petersburg news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa-St. Petersburg

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

A computer user points at the word "Bitcoin" in ransom message associated with the NotPetya malware. Photo: Donat Sorokin\TASS via Getty Images.

Hackers dramatically increased the number and scope of attacks on software manufacturers as a way to attack user machines in 2017, according to a new report by Symantec. "When you look at the numbers, it's no longer one off attacks," Kevin Haley, director of Symantec Security Response, told Axios.

Why it matters: The NotPetya malware was devastating internationally, costing the shipping giant Maersk $300 million dollars alone. It spread so quickly because it was attached to an update for widely used Ukrainian accounting software. This type of attack, where malware is placed in software before it is downloaded from the manufacturer, is known as a supply chain attack and are particularly tough for users to defend against.

By the numbers: According to Symantec's new Internet Security Threat Report, there was an average of three reported supply chain attacks attacks per year from 2013 through 2015. There were 10 in 2017, up from three in 2015 and four in 2016.

Larger in scope: While past supply chain attacks focused on niche software, like the software used in industrial machinery, 2017 saw two gigantic attacks. NotPetya was one, while a second targeted the popular CCleaner file cleaning software.

A siege of nations: Supply chain attacks are difficult to pull off and frequently the domain of nations and other highly-adept groups. "It certainly takes a level of sophistication - not common cyber criminals," said Haley. The White House believes NotPetya was launched by the Russian Government, while many researchers believe CCleaner was a product of China.

Go deeper

Trump bump: NYT and WaPo digital subscriptions tripled since 2016

Data: Axios reporting and public filings; Chart: Axios Visuals

The New York Times and The Washington Post have very different strategies for building the subscription news company of the future.

The big picture: Sources tell Axios that the Post is nearing 3 million digital subscribers, a 50% year-over-year growth in subscriptions and more than 3x the number of digital-only subscribers it had in 2016. The New York Times now has more than 6 million digital-only subscribers, nearly 3x its number from 2016.

Ben Geman, author of Generate
1 hour ago - Energy & Environment

Biden's emerging climate orbit

Photo illustration: Aïda Amer/Axios. Photo: Win McNamee/Getty Images

As of Tuesday morning, we know a lot more about President-elect Joe Biden climate personnel orbit, even as picks for agencies like EPA and DOE are outstanding, so here are a few early conclusions.

Why it matters: They're the highest-level names yet announced who will have a role in what Biden is promising will be a far-reaching climate and energy agenda.

Janet Yellen is back

Photo illustration: Sarah Grillo/Axios. Photo: Hannelore Foerster/Getty Images

A face familiar to Wall Street is back as a central player that this time will need to steer the country out of a deep economic crisis.

Driving the news: President-elect Joe Biden is preparing to nominate former Fed chair Janet Yellen to be Treasury secretary.