Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Sarah Grillo/Axios

Last week’s stunning indictment of three North Korean hackers laid bare both the advantages and drawbacks of the U.S. government’s evolving strategy of using high-profile prosecutions to publicize hostile nation-state cyber activities.

Why it matters: Criminal charges can help the U.S. establish clear norms in a murky and rapidly changing environment, but they may not deter future bad behavior and could even invite retaliation against U.S. intelligence officials.

Catch up quick: Last Wednesday, the Justice Department charged three alleged employees of North Korea’s Reconnaissance General Bureau with undertaking a massive, multiyear hacking spree.

The hackers conducted some activities — such as sending spear-phishing emails aimed at U.S. government employees and contractors — that are examples of workaday nation-state espionage. But they also took actions far outside these bounds that included:

  • The 2014 attack on Sony Pictures.
  • The creation and use of the destructive WannaCry 2.0 ransomware.
  • A series of cyber-enabled bank hijackings across the globe wherein the spies tried to steal over $1.2 billion.
  • The theft of cryptocurrency valued at tens of millions of dollars worldwide.

Between the lines: Pointing the finger in cyberspace can often put the U.S. in uncomfortably hypocritical territory, as all major powers (and many minor ones) engage in cyber spying.

  • But the U.S. has the unambiguous ethical high ground with this latest indictment: U.S. intelligence agencies don’t hack banks to raise funds for the Treasury Department or seek vengeance over disfavored pieces of popular culture or create malicious cryptocurrency apps to steal from private companies to fund Washington’s weapons programs.
  • The fact that the North Korean hackers were behaving, in many instances, like non-state cyber criminals made it easier for the U.S. government to treat them like criminals — and pursue legal action against them.

Context: The North Korea case is an extreme example of other states’ divergent views on the appropriate objectives of cyber operations.

  • For instance, many states, including some close U.S. allies, regularly commit cyber-enabled economic espionage and theft of trade secrets to benefit their “national champion” companies.
  • American officials insist the U.S. does not engage in economic espionage — making it something of an outlier in the intelligence world.

Be smart: North Korea won’t extradite the hackers, and they’ll presumably never stand trial. Yet the act of naming and shaming these individuals may still hold real value for the U.S.

  • It may strengthen the international consensus against aberrant North Korean behavior (like massive bank theft).
  • Cyber espionage-related “speaking indictments” also provide a public service, detailing foreign cyber spying operations in an unusually open manner, a benefit to private cybersecurity firms, journalists and the wider interested public.
  • And these indictments extract costs on the named operatives, potentially complicating the individuals’ plans to, for instance, live in or visit countries that have extradition treaties with the U.S.

Yes, but: It’s unclear what, if any, deterrent effect these types of indictments actually have on foreign governments.

  • North Korea probably won’t stop robbing banks because the U.S. charged three of its intelligence officials. Their cyber operators rob banks because that’s where the money is, and Pyongyang needs it.

There are other risks, too, to criminally charging state-backed cyber operators.

  • One danger is that America’s adversaries will respond in kind, burning the identities and activities of U.S. intelligence personnel via criminal charges.
  • There’s next to zero possibility a hostile foreign power will successfully prosecute an American cyber operator it has charged, but some U.S. intelligence operatives still shudder at the possibility that they will become pawns, via this type of legal move by Moscow or Beijing, in a great geopolitical game.

The bottom line: Evolving norms around spying cut both ways, and as the saying goes: “The enemy always gets a vote.”

Go deeper

Super typhoon Surigae explodes to Cat. 5 intensity

Super Typhoon Surigae seen on satellite imagery Saturday morning east of the Philippines. (CIRA/RAMMB)

Super Typhoon Surigae surged in intensity from a Category 1 storm on Friday to a beastly Category 5 monster on Saturday, with maximum sustained winds estimated at 190 mph with higher gusts.

Why it matters: This storm — known as Typhoon Bising in the Philippines — is just the latest of many tropical cyclones to undergo a process known as rapid intensification, a feat that studies show is becoming more common due to climate change. It weakened slightly, to the equivalent of a strong Category 4 storm, on Sunday.

3 hours ago - World

Biden adviser warns "there will be consequences" for Russia if Navalny dies

The Biden administration warned the Russian government "that there will be consequences" if jailed Russian opposition leader Alexei Navalny dies, National Security Adviser Jake Sullivan told CNN on Sunday.

The big picture: Sullivan also defended President Biden for not mentioning Navalny in a Thursday speech about Russia or in a Tuesday call with Russian President Vladimir Putin, saying the White House aims to deal with the issue "privately and through diplomatic channels."

3 killed, 2 wounded overnight in Kenosha bar shooting

Three people died and two were hospitalized with serious injuries after a gunman entered bar in Kenosha County, Wisconsin, the police department said in a statement on Sunday. Police responded to the shooting at around 12:42 a.m. and the suspect has not been found.

The big picture: The midnight shooting is the latest in a string of deadly mass shootings to hit the U.S. since March, fueling a debate in Washington about how to regulate the weapons.