Sign up for our daily briefing
Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.
Catch up on the day's biggest business stories
Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter
Sign up for Axios Pro Rata
Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.
Sports news worthy of your time
Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.
Tech news worthy of your time
Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.
Get the inside stories
Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Catch up on coronavirus stories and special reports, curated by Mike Allen everyday
Want a daily digest of the top Denver news?
Get a daily digest of the most important stories affecting your hometown with Axios Denver
Want a daily digest of the top Des Moines news?
Get a daily digest of the most important stories affecting your hometown with Axios Des Moines
Want a daily digest of the top Twin Cities news?
Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities
Want a daily digest of the top Tampa Bay news?
Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay
Want a daily digest of the top Charlotte news?
Get a daily digest of the most important stories affecting your hometown with Axios Charlotte
Want a daily digest of the top Nashville news?
Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.
Want a daily digest of the top Columbus news?
Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.
Want a daily digest of the top Dallas news?
Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.
Want a daily digest of the top Austin news?
Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.
Want a daily digest of the top Atlanta news?
Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.
Want a daily digest of the top Philadelphia news?
Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.
Want a daily digest of the top Chicago news?
Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.
Sign up for Axios NW Arkansas
Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters
Want a daily digest of the top DC news?
Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.
Illustration: Sarah Grillo/Axios
North Korea appears to have helmed a hacking campaign previously identified as "Operation Sharpshooter," according to a new report from McAfee, who first reported on the attacks in December.
The big picture: McAfee originally believed the attacks showed so much evidence they were from North Korea that it might indicate a different actor trying to frame Pyongyang. But the company's researchers now say that analysis of code and data from an intermediary server indicates the attacks really did originate from North Korea.
Details: According to the new report, the Sharpshooter campaign dated back to at least September 2017, a year earlier than was previously known.
- Sharpshooter pivoted its targeting during the year it has been active. It currently appears to target financial services, government and critical infrastructure, with a primary focus on Germany, Turkey, the U.K. and the U.S. Earlier hacking mainly targeted telecommunications, government and financial sectors, largely in the U.S., Switzerland and Israel.
The intrigue: The motive behind the attacks isn't known, but North Korea's interest is traditionally in espionage — which would have been increasingly important to fine-tune negotiating strategies during talks with the United States — and with various forms of theft.
- Axios has reported that North Korea might one day pivot to stealing intellectual property to bolster local industry.
- But even if the Sharpshooter attacks may have provided technical access to intellectual property, as reported in the New York Times, neither the new report nor any previous research on North Korea offers any evidence that IP was stolen in an act of commercial espionage.
Other interesting notes from the report:
- The malware was built in a "factory" approach, with new components developed separately and in tandem.
- The attackers appear to have conducted test campaigns in the city of Windhoek, Namibia, before taking the campaign global. This might give the U.S. a window into other attacks in the works, the same way that the U.S. sees Russian attacks against Ukraine as clues to what Russia might do next.