llustration: Aïda Amer/Axios

A hacker group believed to carry out some of the Iranian government's destructive attacks is focusing on makers of industrial control systems, according to a presentation a Microsoft employee will give at Thursday's CyberWarCon detailed in a new Wired article.

Why it matters: The group, nicknamed APT 33, Refined Kitten and Elfin, has been known to use malware to damage computer systems in the past, leading the Microsoft researcher presenting the talk on Thursday, Ned Moran, to speculate that the hackers may be laying the groundwork for future destructive attacks on industrial systems.

To be clear: The group has also been associated with traditional, fact-finding and source producing espionage as well. It's tough to guess the endgame of most hackers from their opening moves.

Industrial control systems, as the name implies, are the computerized systems that interface with pumps, fans and robots carrying out industrial tasks.

What they found: Moran told Wired that APT 33 has changed its tactics in recent months. In the past, the group had hacked systems by guessing passwords of employees at tens of thousands of different organizations at a time, but has now shifted to focusing on more employees at each of a smaller number—roughly 2,000—targets.

  • Around half the top 25 targets were makers or maintainers of industrial systems.

APT 33 has a history of attacking aerospace and oil operations, as well as politicians, academics and the water source for a U.S. military facility.

  • It has been connected to two strains of hard drive erasing "wiper" malware known: ShapeShift and Shamoon. Shamoon has been used in some of the most destructive cyber attacks in history, including an attack on Saudi Aramco.

Go deeper: Infamous Shamoon malware re-emerges.

Go deeper

Updated 14 mins ago - Science

In photos: Deadly wildfires devastate California's wine country

The Shady Fire ravages a home as it approaches Santa Rosa in Napa County, California, on Sept. 28. The blaze is part of the massive Glass Fire Complex, which has razed over 51,620 acres at 2% containment. Photo: Samuel Corum/Agence France-Presse/AFP via Getty Images

More than 1700 firefighters are battling 26 major blazes across California, including in the heart of the wine country, where one mega-blaze claimed the lives of three people and forced thousands of others to evacuate this week.

The big picture: More than 8,100 wildfires have burned across a record 39 million-plus acres, killing 29 people and razing almost 7,900 structures in California this year, per Cal Fire. Just like the deadly blazes of 2017, the wine country has become a wildfires epicenter. Gov. Gavin Newsom has declared a state of emergency in Napa, Sonoma, and Shasta counties.

Updated 57 mins ago - Politics & Policy

Coronavirus dashboard

Illustration: Sarah Grillo/Axios

  1. Global: Total confirmed cases as of 12:30 a.m. ET: 33,880,896 — Total deaths: 1,012,964 — Total recoveries: 23,551,663Map.
  2. U.S.: Total confirmed cases as of 12:30 a.m. ET: 7,232,823 — Total deaths: 206,887 — Total recoveries: 2,840,688 — Total tests: 103,939,667Map.
  3. Education: School-aged children now make up 10% of all U.S COVID-19 cases.
  4. Health: Moderna says its coronavirus vaccine won't be ready until 2021
  5. Travel: CDC: 3,689 COVID-19 or coronavirus-like cases found on cruise ships in U.S. waters — Airlines begin mass layoffs while clinging to hope for federal aid
  6. Business: Real-time data show economy's rebound slowing but still going.
  7. Sports: Steelers-Titans NFL game delayed after coronavirus outbreak.

CDC: 3,689 COVID-19 or coronavirus-like cases found on cruise ships in U.S.

Cruise Ships docked in April at the port at Marina Long Beach due to a no-sail order in Long Beach, in California. Photo: Apu Gomes/AFP via Getty Images

There have been at least 3,689 COVID-19 or coronavirus-like illness cases on cruise ships in U.S. waters, "in addition to at least 41 reported deaths," the Centers for Disease Control and Prevention said late Wednesday.

Driving the news: The CDC released the data from the period of March 1 through Sept. 29 in an emailed statement confirming the extension of a No Sail Order for cruise ships through Oct. 31, as first reported by Axios' Jonathan Swan on Tuesday in his article revealing CDC director Robert Redfield was overruled in a push to extend the order into 2021.