Cybersecurity
Red light illuminates the keys of a laptop computer at the Dreamhack digital festival in Moscow, Russia, on Saturday, Dec. 5, 2015. Dreamhack is the world's largest digital festival and meeting place for gamers, fans and e-sport enthusiasts.
Photographer: Andrey Rudakov/Bloomberg via Getty ImagesState-sponsored cyberwarriors are infiltrating nuclear power plants and blackmailing multinational companies. Attackers are using malware to encrypt computer files and demand ransom to make them accessible again. Safety advocates are hijacking cars wirelessly — taking control of steering and brakes from drivers — as a warning about onboard vulnerabilities. Has the internet ever seemed scarier? Yes, elite professionals are finding ingenious ways to gain entry to government, industrial and financial networks. Cybersecurity lapses have also left some companies shockingly exposed. Still, when it comes to everyday security — of bank accounts and credit cards — the good guys actually have the upper hand.
After a U.S. presidential election marked by leaks of hacked emails, President Donald Trump signed an order requiring government agencies to review their digital defenses. During the 2016 campaign, almost 20,000 Democratic National Committee emails were posted online, including pro-Hillary Clinton messages sent by officials who were supposed to remain neutral. U.S. intelligence agencies later concluded that Russians, hoping to influence the outcome in Trump’s favor, were responsible, a charge that Russian President Vladimir Putin denies. In September, credit reporting firm Equifax Inc. reported that intruders had accessed its systems for months, which might affect more than 143 million U.S. consumers. In May, more than 200,000 computers around the world were infected in a ransomware attack that hit systems ranging from the U.K.’s National Health Service to Russia’s Ministry of Interior. In 2016, hackers stole more than $100 million from Bangladesh’s foreign reserves; only $20 million has been recovered. Yet some bad-sounding reports turned out not to be so bad. In 2015, VTech Holdings Limited, a Hong Kong-based toy company, revealed it had been hacked and that the data of 6.4 million children — including names, birthdays and genders — and that of 4.9 million parents was compromised. But no credit card data appeared to have been stolen. In 2014, Target was beset by revelations about the theft of 110 million payment-card numbers. It turned out that the numbers were mostly useless to the thieves because the PIN codes were encrypted and banks swiftly cancelled most compromised accounts.