Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on the day's biggest business stories

Subscribe to Axios Closer for insights into the day’s business news and trends and why they matter

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Axios on your phone

Get breaking news and scoops on the go with the Axios app.

Download for free.

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sign up for Axios NW Arkansas

Stay up-to-date on the most important and interesting stories affecting NW Arkansas, authored by local reporters

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Sarah Grillo/Axios

Government and private-sector investigators are racing to run forensics and damage assessments on the SolarWinds breach, but they keep turning up new unknowns, even as the strategic motivations and real impact remain obscure.

Why it matters: The more we learn about SolarWinds, the less we seem to know.

The intrigue: It’s not clear how much of the "SolarWinds breach" is even linked to SolarWinds, acting CISA director Brandon Wales told the Wall Street Journal.

  • In fact, "approximately 30% of both the private-sector and government victims linked to the campaign had no direct connection to SolarWinds," said the WSJ, citing Wales.
  • Because of the Russians’ use of these unconnected vectors, "this campaign should not be thought of as the SolarWinds campaign," said Wales.
  • Malwarebytes, a private computer security firm, has also concluded that “a number of its Microsoft cloud email accounts were compromised by the same group that targeted SolarWinds, using what Malwarebytes called ‘another intrusion vector’” from the SolarWinds backdoor, writes the Journal.

The big picture: The revelations suggest that the access gained into SolarWinds software was only one part in a broader Russian hacking campaign that hit other service providers as well. And the hackers' initial point of entry or ultimate goal remains unknown.

This massive campaign — which has potentially compromised networks tied to the Treasury, Defense, Commerce and State departments — was clearly more proactive and multifaceted than previously known.

  • The hackers identified and employed multiple avenues to compromise their targets — and weren’t, it appears, exclusively using the SolarWinds backdoor as their ticket into victims’ networks.
  • Indeed, SolarWinds “itself is probing whether Microsoft’s cloud was the hackers’ initial entry point into its network,” writes the Journal.
  • Thus, some victims may have been independently targeted via these other Microsoft-related issues, while others were compromised via SolarWinds, which may itself have been breached via its own Microsoft cloud account.
  • The Russian hackers had compromised at least one SolarWinds Microsoft 365 account as far back as December 2019, SolarWinds’ CEO told the Wall Street Journal.

Between the lines: The longer this type of campaign goes undetected, the harder it is to determine who was compromised when — and how. And when these causal chains are blurred, it's that much harder for cybersecurity experts to perform necessary damage control measures.

Context: This investigative work is hard enough in the often hazy world of counterintelligence. Investigators look to suss out:

  • How did a breach happen? Was it caused by a human or some technological source, or some combination of the two?
  • How long has this compromise existed?
  • What was the purpose of the campaign?

It only gets tougher in the world of cyber operations because there are so many potential variables to consider.

  • Private and public actors use lots of managed service providers like SolarWinds, and each one is a potential avenue for compromise.
  • Cyber operators often cover their tracks as they work on achieving persistent access in a network, obscuring the means by which they first got in.
  • Once operations like the SolarWinds hack are discovered, the focus immediately turns to worry over what networks the hackers might still be active in and what data might still be exfiltrated. That makes lower priorities out of larger questions about how they might fit into the responsible party's larger intelligence-gathering objectives or foreign policy goals.

The bottom line: Barring some type of extremely well-placed human or other source, getting to something approximating ground truth regarding all the dimensions — technical, tactical, temporal and strategic — of SolarWinds will be very difficult for the U.S. intelligence community.

Go deeper

Updated 1 hour ago - Sports

Olympics dashboard

Team USA's Simone Biles watching the women's uneven bars final at the Olympic Games in Tokyo, Japan, on Sunday. Photo: Jamie Squire/Getty Images

🚨: Simone Biles will compete in her final Olympic event

⚽: U.S. women's soccer team falls to Canada in semifinals, ending chances at gold

🏋️‍♀️: Laurel Hubbard becomes first openly trans woman to compete at Olympics

🤸: U.S. gymnast Jade Carey wins Olympic gold in floor exercise final

🪧: IOC "looking into" American Raven Saunders' Olympic podium protest gesture

📷In photos: Day 10 Olympics highlights

🏳️‍⚧️: Axios at the Olympics: Games grapple with trans athletesTrans athletes see the Tokyo Games as a watershed moment

Go deeper: Full Axios coverage

Updated 2 hours ago - Sports

Laurel Hubbard becomes first openly trans woman to compete at Olympics

Laurel Hubbard. Photo: Stanislav Krasilnikov\TASS via Getty Images

New Zealand weightlifter Laurel Hubbard made history on Monday as the first openly transgender female athlete to compete at the Olympics.

Why it matters: The presence of trans and nonbinary athletes at this year's Games has been celebrated by LGBTQ+ rights advocates, but stirred controversy among critics, who argue trans women have an unfair advantage even after taking hormones to lower their testosterone.

Index fund investors saved $357 billion over last 25 years

Illustration: Sarah Grillo/Axios

Investors who’ve opted to passively track the stock market haven’t just outperformed most active fund managers. They’ve also saved a ton of money in fees while doing it.

Why it matters: There are loads of active fund managers aiming to beat the returns of funds that track indexes like the S&P 500.