Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Axios on your phone

Get breaking news and scoops on the go with the Axios app.

Download for free.

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Photo: Pyeongyang Press Corps/Pool/Getty Images

For several years, North Korea has been conducting a spree of bank robberies online. A new report from FireEye makes clear that a recent attempt to "name and shame" a North Korean government-affiliated hacker did nothing to curtail the digital heists, and sanctions have only made Pyongyang more eager to steal money. But experts think the U.S. still has other levers it can pull.

Why it matters: While the Trump administration is trying to play nice with Kim Jong-un ("We fell in love," said Trump at a rally Saturday night), the continuing heist campaign has attempted to steal more than $1 billion total.

Background: After years of crippling sanctions, the Kim regime began using part of its cyber program to generate the cash North Korea needed to run. According to FireEye, North Korea began robbing banks in 2014, shortly after being sanctioned for its third nuclear test.

  • Since then, the pile of international sanctions has only grown, including some for cyberattacks. Those sanctions appear to have encouraged more North Korean thefts.

The FireEye report, released Wednesday, is an argument that North Korea's bank hackers are separate and distinct from the country's other hacking ventures.

  • The bank robbers, which FireEye calls "APT38," operate by hacking a victim and requesting large transfers over the SWIFT interbank messaging system. "The attack ends in destructive, disk-whipping malware. They want to destroy systems not only to delete evidence, but to give them time to launder funds," said Nalani Fraser, threat intelligence manager at FireEye.
  • APT38 is one of a number of financial crime operations in North Korea. Other hackers, for example, rob cryptocurrency exchanges.

Name and shame: In September, the Trump administration publicly named, sanctioned and announced plans to charge North Korean Park Jin Hyok for, among other things, helping develop the WannaCry malware.

  • The tactic, often called "naming and shaming," did not decrease APT38 attacks.

The diplomatic play: Trump could make financial attacks a deal breaker in nuclear negotiations with North Korea, suggested Andrew Grotto, former senior director for cybersecurity policy to Presidents Obama and Trump and a current fellow at Stanford's Center for International Security and Cooperation.

  • "The Trump administration pulled out of the Iran deal in part because it didn’t address other issues, like hacking," he said. "If they’re consistent, they would try to address bank robbery."

The legal moves: Grotto notes financial crimes require an external, international network of collaborators — from money launderers to people who identify soft targets to attack. If we can't arrest hackers in North Korea, we could arrest confederates elsewhere.

  • Since North Korea lacks the internet infrastructure needed to launch cyberattacks, many of its attacks are launched from other countries. Michael Daniel, former White House cybersecurity coordinator and the current president and CEO of the Cyber Threat Alliance, believes the U.S. could press countries to cough up North Koreans.

Returning fire: And, said Daniel, the United States could use cyber means to disrupt the networks.

Or all of the above: "It would likely be a complex mix of tactics," said Daniel.

Go deeper

Updated 30 mins ago - Politics & Policy

Gavin Newsom to face recall election

Photo: Jay L. Clendenin / Getty Images

Gov. Gavin Newsom (D) will face a recall election later this year, California's Secretary of State confirmed Wednesday.

Why it matters: This will be the second time in California's history that a gubernatorial recall campaign has succeeded in getting on the ballot, out of a total of 55 attempts, per Bloomberg.

America's child care sticker shock

Illustration: Sarah Grillo/Axios

Parents looking to return to the job market may find child care options have gotten pricier — and that's if they can enroll their kids at all.

Why it matters: The fate of the recovery partially relies on the return of parents who left the workforce to care for their children.

Biden's major border shake-up

A migrant family waits to be taken to a Border Patrol processing facility after crossing the Rio Grande River. Photo: Brandon Bell/Getty Images

Vice President Kamala Harris' trip to the border on Friday will play out amid the Biden administration widening shake-up of U.S. border policy and leadership.

Driving the news: Rep. Henry Cuellar (D-Tex.) tells Axios that he's been advised by a border official that as soon as mid-July the Biden administration will end all use of Title 42, a Trump-era policy citing coronavirus as rationale to block migrants at the border.