Energy facilities in the U.S., Switzerland, and Turkey have been targeted by a sophisticated hacking group known as Dragonfly, Symantec reports. The campaign, which has created the potential for sabotage and disruption, is being called "Dragonfly 2.0," since the group has launched attacks before.

Why it matters: Sabotage attacks tend to be preceded by intelligence-gathering campaigns, and these hackers have gotten farther than any other group when it comes to American power company systems, according to Symantec Security Analyst Eric Chien.

The hackers are at the point where "they could have induced blackouts on American soil at will," as WIRED's Andy Greenberg writes. (Think, for example, of Stuxnet, suspected to have been launched jointly by the U.S. and Israel to impact an Iranian nuclear facility.)

What they did: It appears the hackers are interested in learning how the energy facilities operate. They used spear phishing, trojanized software, and watering hole websites to lure in victims and steal credentials, and even to gain access to operational systems. One particularly notable tactic is that the hacking group saved screenshots of their hacking efforts in a clearly categorized format noting machine description and location, potentially indicating an interest in operational access.

  • Who's behind it: "Attributes of this attack are similar to those perpetrated by nation-states," according to Raytheon's Chief Strategy Officer for Cyber Services, Josh Douglas. But attribution is difficult to pin down with cyber attacks. In particular, the code used in the malware was in both Russian and French, one of which could be a false lead.
  • What it means: Cyber attacks "don't always happen instantly, but instead can take years to unfold," according to Douglas. This means we might not know the full extent of the hack yet.
  • The trend: It's not the first time the energy industry has been the center of cyber attacks. Recall the cyber hacks that crippled Ukraine's power grid in 2015 and 2016, as well as a few recent reports about attacks on electricity in Europe and the management side of U.S. energy facilities.
