Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Stay on top of the latest market trends

Subscribe to Axios Markets for the latest market trends and economic insights. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Sports news worthy of your time

Binge on the stats and stories that drive the sports world with Axios Sports. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tech news worthy of your time

Get our smart take on technology from the Valley and D.C. with Axios Login. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Get the inside stories

Get an insider's guide to the new White House with Axios Sneak Peek. Sign up for free.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Denver news?

Get a daily digest of the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Des Moines news?

Get a daily digest of the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Twin Cities news?

Get a daily digest of the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Tampa Bay news?

Get a daily digest of the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Want a daily digest of the top Charlotte news?

Get a daily digest of the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Illustration: Aïda Amer/Axios

President Trump's reluctance to name and shame Russia for the SolarWinds cyberattack will hamper companies and government agencies as they begin the long and daunting job of assessing and repairing the hack's damage.

Why it matters: Experts say Russia's fingerprints are all over the attack, but the president's dissent will hobble any U.S. response — at least until Jan. 20.

Catch up quick: Security officials and experts share a broad consensus that the "Cozy Bear" group, also known as APT29, overseen by Russia's SVR intelligence service, was responsible for the hack.

  • The Cybersecurity and Infrastructure Security Agency (CISA) described the attackers as "a patient, well-resourced, and focused adversary that has sustained long duration activity on victim networks."

White House officials had readied a statement Friday calling Russia "the main actor" in the attack, but were ordered not to release it, the Associated Press reports.

Between the lines: Some security experts fear the president's position will transform what should be a unified government response to a hostile act by a foreign power into yet another personal loyalty test.

  • Last month Trump fired CISA director Christopher Krebs after Krebs affirmed that the 2020 election had been secure.
  • Anything involving "Russia, Russia, Russia" (as Trump put it in his tweet) has been a sore point for the president since Russia's hacks during the 2016 election became the foundation for years of investigations into his administration's relationship with Moscow.

Yes, but: Leaders from both parties, including Sen. Mitt Romney (R-Utah), have called for holding Russia accountable and launching a significant response.

  • President-elect Joe Biden said in a statement: "I will not stand idly by in the face of cyber assaults on our nation."
  • Incoming White House chief of staff Ron Klain told CBS' "Face the Nation" that the new administration's response to an "attack like this" would go beyond sanctions and include steps "to degrade the capacity of foreign actors to repeat this sort of attack."

With all this going on, the administration is also pushing a plan to separate the leadership of the Cyber Command from the National Security Agency, according to a story in Defense One.

  • The "dual hat" arrangement has long been under review, but the SolarWinds crisis seems a strange moment to start a big reorg in the world of cyber defense.
  • The New York Times reports some observers are questioning the timing and whether the move is "retribution" against Gen. Paul Nakasone, who now runs both agencies.

Breaking: Private-sector victims of the hack include Cisco, Intel, Nvidia, Deloitte, VMware and Belkin, according to the Wall Street Journal, which identified infected systems at those firms.

  • Each company told the Journal they'd found no evidence of actual harm from the intrusions.

How it worked: Microsoft, in a fascinating weekend post, provided details of how the hackers hid their break-in, using a software update for SolarWinds' Orion network management platform to gain access to thousands of institutions' systems.

  • "The threat actors were savvy enough to avoid give-away terminology like 'backdoor', 'keylogger,' etc.," the Microsoft post says. Instead, they gave their tampered code an innocuous name — "OrionImprovementBusinessLayer" — that would fit right into a marketing brochure.
  • The attack's crucial, door-opening exploit was a small chunk of "poisoned code" (as Microsoft dubbed it) all of five lines long, or roughly 160 characters.
  • This could well be the most damage per character yet achieved in the short history of cyber warfare.

Go deeper

Dave Lawler, author of World
Jan 26, 2021 - World

Biden holds first phone call with Putin, raises Navalny arrest

Putin takes a call in 2017. Photo: Handout/Anadolu Agency/Getty

President Biden on Tuesday held his first call since taking office with Vladimir Putin, pressing the Russian president on the arrest of opposition leader Alexey Navalny and the Russia-linked hack on U.S. government agencies.

The state of play: Biden also raised arms control, bounties allegedly placed on U.S. troops in Afghanistan and the war in Ukraine, according to a White House readout. The statement said Biden and Putin agreed maintain "consistent communication," and that Biden stressed the U.S. would "act firmly in defense of its national interests in response to actions by Russia that harm us or our allies."

House passes $1.9 trillion COVID relief package

Photo: Screenshot via C-SPAN

The House approved President Biden's $1.9 trillion COVID relief package on a 219-212 vote early Saturday morning, sending it to the Senate for a possible rewrite before it gets to Biden's desk.

The big picture: The vote was a critical first step for the package, which includes $1,400 cash payments for many Americans, a national vaccination program, ramped-up COVID testing and contact tracing, state and local funding and money to help schools reopen.

8 hours ago - Health

Biden says it's "not the time to relax" after touring vaccination site

President Biden speaking after visiting a FEMA Covid-19 vaccination facility in Houston on Feb. 26. Photo: Mandel Ngan/AFP via Getty Images

President Biden said Friday that "it's not the time to relax" coronavirus mitigation efforts and warned that the number of cases and hospitalizations could rise again as new variants of the virus emerge.

Why it matters: Biden, who made the remarks after touring a vaccination site in Houston, echoed CDC director Rochelle Walensky, who said earlier on Friday that while the U.S. has seen a recent drop in cases and hospitalizations, "these declines follow the highest peak we have experienced in the pandemic."

You’ve caught up. Now what?

Sign up for Mike Allen’s daily Axios AM and PM newsletters to get smarter, faster on the news that matters.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!