Sep 7, 2017

Western energy facilities targeted by hackers

Energy facilities in the U.S., Switzerland, and Turkey have been targeted by a sophisticated hacking group known as Dragonfly, Symantec reports. The campaign, which has created the potential for sabotage and disruption, is being called "Dragonfly 2.0," since the group has launched attacks before.

Why it matters: Sabotage attacks tend to be preceded by intelligence-gathering campaigns, and these hackers have gotten farther than any other group when it comes to American power company systems, according to Symantec Security Analyst Eric Chien.

The hackers are to the point where "they could have induced blackouts on American soil at will," as WIRED's Andy Greenberg writes. (Think, for example, Stuxnet, suspected to be launched jointly by the U.S. and Israel to impact an Iranian nuclear facility.)

What they did: The hackers appear interested in learning how the energy facilities operate. They used spear phishing, trojanized software, and watering hole websites to lure in victims and steal credentials, and even to gain access to operational systems. One particularly notable tactic is that the hacking group saved screenshots of their hacking efforts in a clearly categorized format noting machine description and location, potentially indicating an interest in operational access.

  • Who's behind it: "Attributes of this attack are similar to those perpetrated by nation-states," according to Raytheon's Chief Strategy Officer for Cyber Services, Josh Douglas. But attribution is difficult to pin down with cyber attacks. In particular, the code used in the malware was in both Russian and French, one of which could be a false lead.
  • What it means: Cyber attacks "don't always happen instantly, but instead can take years to unfold," according to Douglas. This means we might not know the full extent of the hack yet.
  • The trend: It's not the first time the energy industry has been the center of cyber attacks. Recall the cyber hack that crippled Ukraine's power grid in 2015 and 2016, as well as a few recent reports about attacks on electricity in Europe and the management side of U.S. energy facilities.
