Looking back at the first six months of 2018, there haven't been as many government leaks and global ransomware attacks as there were by this time last year[1], but that's pretty much where the good news ends. Corporate security isn't getting better fast enough, critical infrastructure security hangs in the balance, and state-backed hackers from around the world are getting bolder and more sophisticated.
Here are the big digital security dramas that have played out so far this year—and it's only half over.
Russian Grid Hacking[2]
In 2017, security researchers sounded the alarm about Russian hackers infiltrating[3] and probing United States power companies; there was even evidence that the actors had direct access to an American utility's control systems. Combined with other high-profile Russian hacking from 2017, like the NotPetya ransomware attacks, the grid penetrations were a sobering revelation. It wasn't until this year, though, that the US government began publicly acknowledging the Russian state's involvement in these actions. Officials hinted[4] at it for months, before the Trump Administration first publicly attributed the NotPetya malware to Russia[5] in February and then blamed Russia[6] in March for grid hacking. Though these attributions were already widely assumed, the White House's public acknowledgement is a key step as both the government and private sector grapple with how to respond. And while the state-sponsored hacking field is getting scarier by the day, you can use WIRED's grid-hacking guide[7] to gauge when you should really freak out.
US Universities[8]
In March, the Department of Justice indicted nine Iranian hackers over an alleged spree of attacks[9] on more than 300 universities in the United States and abroad. The suspects are charged with