Sep 7, 2017

Western energy facilities targeted by hackers


Energy facilities in the U.S., Switzerland, and Turkey have been targeted by a sophisticated hacking group known as Dragonfly, Symantec reports. The campaign, which has created the potential for sabotage and disruption, is being called "Dragonfly 2.0," since the group has launched attacks before.

Why it matters: Sabotage attacks tend to be preceded by intelligence-gathering campaigns, and these hackers have gotten farther than any other group when it comes to American power company systems, according to Symantec Security Analyst Eric Chien.

The hackers are at the point where "they could have induced blackouts on American soil at will," as WIRED's Andy Greenberg writes. (Think, for example, of Stuxnet, suspected to have been launched jointly by the U.S. and Israel to impact an Iranian nuclear facility.)

What they did: It appears the hackers are interested in learning how the energy facilities operate. They used spear phishing, trojanized software, and watering hole websites to lure in victims and steal credentials, and even to gain access to operational systems. One particularly notable tactic is that the hacking group saved screenshots of their hacking efforts in a clearly categorized format noting machine description and location, potentially indicating an interest in operational access.

  • Who's behind it: "Attributes of this attack are similar to those perpetrated by nation-states," according to Raytheon's Chief Strategy Officer for Cyber Services, Josh Douglas. But attribution is difficult to pin down with cyber attacks. In particular, the code used in the malware was in both Russian and French, one of which could be a false lead.
  • What it means: Cyber attacks "don't always happen instantly, but instead can take years to unfold," according to Douglas. This means we might not know the full extent of the hack yet.
  • The trend: It's not the first time the energy industry has been the center of cyber attacks. Recall the cyber hack that crippled Ukraine's power grid in 2015 and 2016, as well as a few recent reports about attacks on electricity in Europe and the management side of U.S. energy facilities.
