Sign up for our daily briefing

Make your busy days simpler with Axios AM/PM. Catch up on what's new and why it matters in just 5 minutes.

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Catch up on coronavirus stories and special reports, curated by Mike Allen everyday

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Denver news in your inbox

Catch up on the most important stories affecting your hometown with Axios Denver

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Des Moines news in your inbox

Catch up on the most important stories affecting your hometown with Axios Des Moines

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Minneapolis-St. Paul news in your inbox

Catch up on the most important stories affecting your hometown with Axios Twin Cities

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Tampa Bay news in your inbox

Catch up on the most important stories affecting your hometown with Axios Tampa Bay

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Charlotte news in your inbox

Catch up on the most important stories affecting your hometown with Axios Charlotte

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Please enter a valid email.

Please enter a valid email.

Subscription failed
Thank you for subscribing!

Lefteris Pitarakis / AP

Energy facilities in the U.S., Switzerland, and Turkey have been targeted by a sophisticated hacking group known as Dragonfly, Symantec reports. The campaign, which has created the potential for sabotage and disruption, is being called "Dragonfly 2.0," since the group has launched attacks before.

Why it matters: Sabotage attacks tend to be preceded by intelligence-gathering campaigns, and these hackers have gotten farther than any other group when it comes to American power company systems, according to Symantec Security Analyst Eric Chien.

The hackers are to the point where "they could have induced blackouts on American soil at will," as WIRED's Andy Greenberg writes. (Think, for example, Stuxnet, suspected to be launched jointly by the U.S. and Israel to impact an Iranian nuclear facility.)

What they did: It appears the hackers are interested in learning how the energy facilities operate — the hackers used spear phishing, trojanized software, and watering hole websites to lure in victims to steal credentials to even gain access to operational systems. One particularly notable tactic here is that the hacking group saved screenshots of their hacking efforts in a clearly categorized format noting machine description and location, potentially indicating an interest in operational access.

  • Who's behind it: "Attributes of this attack are similar to those perpetrated by nation-states," according to Raytheon's Chief Strategy Officer for Cyber Services, Josh Douglas. But attribution is difficult to peg down with cyber attacks. In particular, the code used in the malware were in Russian and French both, one of which could be a false lead.
  • What it means: Cyber attacks "don't always happen instantly, but instead can take years to unfold," according to Douglas. This means we might not know the full extent of the hack yet
  • The trend: It's not the first time the energy industry has been the center of cyber attacks. Recall the cyber hack that crippled Ukraine's power grid in 2015 and 2016, as well as a few recent reports about attacks on electricity in Europe and the management side of U.S. energy facilities.

Go deeper

40 mins ago - Health

U.S. surpasses 25 million COVID cases

A mass COVID-19 vaccination site at Dodger Stadium on Jan. 22 in Los Angeles, California. Photo: Mario Tama/Getty Images

The U.S has confirmed more than 25 million coronavirus cases, per Johns Hopkins data updated on Sunday.

The big picture: President Biden has said he expects the country's death toll to exceed 500,000 people by next month, as the rate of deaths due to the virus continues to escalate.

GOP implosion: Trump threats, payback

Spotted last week on a work van in Evansville, Ind. Photo: Sam Owens/The Evansville Courier & Press via Reuters

The GOP is getting torn apart by a spreading revolt against party leaders for failing to stand up for former President Trump and punish his critics.

Why it matters: Republican leaders suffered a nightmarish two months in Washington. Outside the nation’s capital, it's even worse.

Erica Pandey, author of @Work
5 hours ago - Economy & Business

The limits of Biden's plan to cancel student debt

Data: New York Fed Consumer Credit Panel/Equifax; Chart: Axios Visuals

There’s a growing consensus among Americans who want President Biden to cancel student debt — but addressing the ballooning debt burden is much more complicated than it seems.

Why it matters: Student debt is stopping millions of Americans from buying homes, buying cars and starting families. And the crisis is rapidly getting worse.