That Hack Is the Sound of Inevitability
Bloomberg Businessweek|December 28 - January 04, 2021
A massive data breach is a reminder that in all corners of cyberspace, the advantage is with the attackers
Joshua Brustein

The world has a way of reminding us of our own helplessness. The year 2020 has had more than its share of examples to choose from, but for those who prefer to direct their existential dread toward the inability of anyone to protect their digital data, the recent revelation of one of the most significant cybersecurity attacks in history is an excellent place to start.

This past spring hackers managed to insert malicious code into a software product from an IT provider called SolarWinds Corp. whose client list includes 300,000 institutions. About 18,000 of them were exposed when they downloaded a legitimate update from SolarWinds—which of course is the exact thing you’re supposed to do to keep your defenses fresh. The attackers spent months running free through their victims’ networks before anyone noticed, harvesting secrets, and could also have been inserting other vulnerabilities and doing God knows what else. The U.S. government and independent cybersecurity experts have tied the attack to hackers affiliated with the Russian government, and its victims include the U.S. departments of Commerce, State, and Treasury, Microsoft Corp., and cybersecurity firm FireEye Inc.

But sure, go ahead and mix a few special characters into the password on your email account if it makes you feel better.

In a sense, the SolarWinds attack is far removed from the security concerns of individual users, who are more vulnerable to things like having their computers locked until they cough up a ransom denominated in Bitcoin. It’s not worth thinking too much about hardening yourself against state-sponsored hackers, in the same way you wouldn’t choose a deadbolt for your front door based on how well it would stand up to an intercontinental ballistic missile.

The options a government may consider to respond to cybersecurity threats are also not really available to individuals. Much of the discussion in the wake of the SolarWinds hack centers on how the U.S. can increase deterrence, which comes with the implicit assumption that there’s no purely technical fix to cybersecurity at the nation-state level.

In that respect, the breach has highlighted a weakness shared by large institutions and individuals. The digital landscape is far too complex for those who rely on it—you know, all of us—to monitor all the ways we’re exposed. Major factors determining whether your data will be used against you are completely out of your control.

Continue reading your story on the app

Continue reading your story in the magazine

MORE STORIES FROM BLOOMBERG BUSINESSWEEKView All

The Food Fight in Fake Meat

Beyond Meat was an early leader. But rival Impossible Foods and others want to eat its lunch

6 mins read
Bloomberg Businessweek
April 19, 2021

The U.K. Wants to Clean Up Space

The amount of debris in orbit is an increasing danger—and a potential market opportunity

4 mins read
Bloomberg Businessweek
April 19, 2021

Peak Pallet

Prices for a warehouse staple are at a record, buoyed by the boom in e-commerce

4 mins read
Bloomberg Businessweek
April 19, 2021

THE MAN WHO KEEPS THE FAR RIGHT ONLINE

While Amazon and its peers have stopped supporting certain prominent White supremacists and conspiracy theorists, Nick Lim has stepped in

10+ mins read
Bloomberg Businessweek
April 19, 2021

Stopping the Race to the Bottom on Taxes

The U.S. is energizing a global effort to put a floor under corporate tax rates

8 mins read
Bloomberg Businessweek
April 19, 2021

The Guggenheims Of NFTs

Perhaps you’ve heard of nonfungible tokens? These collectors already have millions of dollars’ worth

10 mins read
Bloomberg Businessweek
April 19, 2021

Reincarnation And Realpolitik

China, India, and the U.S. are vying to influence the selection of the next Dalai Lama

5 mins read
Bloomberg Businessweek
April 19, 2021

WAITING FOR ELON

It’s not easy to compete with Miami and Austin for high-tech jobs. But Adelanto, Calif., which boasts a light regulatory environment, an enthusiastic city manager, and plenty of dirt, is giving it a shot

10+ mins read
Bloomberg Businessweek
April 19, 2021

LAW & CRYPTO

Arthur Hayes faces U.S. prosecution over how he ran his overseas Bitcoin exchange

5 mins read
Bloomberg Businessweek
April 19, 2021

In Hot Pursuit

Chris Urmson’s company, Aurora, has merged with Uber’s self-driving unit to take on Waymo

7 mins read
Bloomberg Businessweek
April 19, 2021