Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios Pro Rata

Dive into the world of dealmakers across VC, PE and M&A with Axios Pro Rata. Delivered daily to your inbox by Dan Primack and Kia Kokalitcheva.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Nashville news?

Get a daily digest of the most important stories affecting your hometown with the Axios Nashville newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Columbus news?

Get a daily digest of the most important stories affecting your hometown with the Axios Columbus newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Dallas news?

Get a daily digest of the most important stories affecting your hometown with the Axios Dallas newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Austin news?

Get a daily digest of the most important stories affecting your hometown with the Axios Austin newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Atlanta news?

Get a daily digest of the most important stories affecting your hometown with the Axios Atlanta newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Philadelphia news?

Get a daily digest of the most important stories affecting your hometown with the Axios Philadelphia newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Chicago news?

Get a daily digest of the most important stories affecting your hometown with the Axios Chicago newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top DC news?

Get a daily digest of the most important stories affecting your hometown with the Axios DC newsletter.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Eniola Odetunde/Axios

Russian cyber operators are almost certainly still rummaging through U.S. networks, potentially lifting data or setting traps for future havoc even as officials scramble to assess the damage Moscow's hack has already dealt.

Why it matters: The hack, powered by malicious code inserted into an update of SolarWinds network management software, could be among the most significant in the country’s history, perhaps on par with China’s hack of the Office of Personnel Management or Russia’s 2014 hack of the State Department.

Driving the news: The FBI, NSA, CISA and office of the DNI in a joint statement Tuesday confirmed what has been widely accepted in the cybersecurity world: The hack was likely the work of Russia. (Specifically, Russia's SVR intelligence agency is thought to be behind it, though the statement stopped short of such specific attribution.)

  • The agencies also said that, although the update went out to some 18,000 SolarWinds customers, far fewer public or private entities were actually compromised.
  • So far, fewer than 10 government bodies have been identified as having been breached, the agencies said.

Yes, but: Even if the cyber operation narrowly focused on just a handful of targets, its impact could far exceed its footprint.

  • Already, experts say Russia may have used the exploit to breach critical U.S. infrastructure like power plants.
  • Microsoft, meanwhile, said hackers viewed some of the company’s source code.
  • And the federal agencies that are known to have been affected are among those responsible for some of the nation's most vital and sensitive work, including the State, Treasury, Energy, Commerce and Defense departments.

The intrigue: Nation-state groups — called “Advanced Persistent Threats” in cybersecurity jargon — aim to achieve persistent and long-standing access to desired targets.

  • Once they burrow into a network, they almost always surreptitiously develop contingencies for how to stay there, even if their initial point of entry is discovered.

That prospect of persistent access is complicated further by the fact that we still don't know exactly what the Russian cyber spies were looking for. Broadly speaking, there are three possibilities:

1. The hackers deliberately cast a wide net as cover to obscure the fact that they were after a specific target.

  • While U.S. cyber defenders continue puzzling over just how many doors have been wrenched open, Russia may have devoted, or may still be quietly devoting, intensive resources to extracting information from one particular agency, department or dataset.

2. The hack was aimed at compromising the maximum number of U.S. government (and perhaps other) targets simultaneously, allowing Moscow to sift through vast troves of likely unclassified, but still sensitive, data.

  • Down the line, such data may prove useful in, for instance, giving Russia — or China, Iran or another hostile foreign power, should Russia trade it away — a strategic advantage in diplomatic negotiations.
  • Or if an American intelligence operation halfway around the world is blown, U.S. counterintelligence officials may be left wondering if somehow it is related to information stolen in the hack.

3. The hack began as a narrow operation but, after Russia got what it was after, broadened, with the hackers fully expecting to get caught.

  • The SVR could then sit back and let the long afterlife of its compromise commence, driving stateside panic and distracting U.S. cyber warriors as Russia moves on to future operations.

The bottom line: No matter what, Russia now knows that the SolarWinds hack may tie U.S. counterintelligence experts into knots for many years to come.

Go deeper

Jan 26, 2021 - World

Biden holds first phone call with Putin, raises Navalny arrest

Putin takes a call in 2017. Photo: Handout/Anadolu Agency/Getty

President Biden on Tuesday held his first call since taking office with Vladimir Putin, pressing the Russian president on the arrest of opposition leader Alexey Navalny and the Russia-linked hack on U.S. government agencies.

The state of play: Biden also raised arms control, bounties allegedly placed on U.S. troops in Afghanistan and the war in Ukraine, according to a White House readout. The statement said Biden and Putin agreed maintain "consistent communication," and that Biden stressed the U.S. would "act firmly in defense of its national interests in response to actions by Russia that harm us or our allies."

Updated 4 hours ago - Sports

The potential GOAT of chess faces intriguing challenger

Illustration: Sarah Grillo/Axios

The World Chess Championship between Norway's Magnus Carlsen and Russia's Ian Nepomniachtchi began on Friday, 1,094 days after Carlsen won his fourth consecutive title.

Why it matters: During the long, COVID-fueled layoff, chess entered a new era, and with the championship finally here, the age-old game is ready for its close-up.

Department of Interior proposes raising cost of drilling on public lands

A horizontal drilling rig and a pump jack sit on federal land in Lea County, New Mexico. Photo: Callaghan O'Hare/Bloomberg via Getty Images

Oil and gas companies should pay more to drill on federal lands and waters, the Department of the Interior argued in a report released Friday, saying that the current rates were "outdated."

Driving the news: The Department of Interior report said that the federal government's oil and gas leasing and permitting program "fails to provide a fair return to taxpayers, even before factoring in the resulting climate-related costs that must be borne by taxpayers."