Support Provided ByLearn More
Tech + EngineeringTech & Engineering

Big Idea of 2017: The Internet Is Making Us Vulnerable

ByTim De ChantNOVA NextNOVA Next

Receive emails about upcoming NOVA programs and related content, as well as featured reporting about current events through a science lens.

The internet lost some of its shine in 2017.

The year started out with the continued debate over the role that social media is continuing to play in the national discourse. Whether those discussions revolve around politics, the environment, social issues, or a host of other matters, it’s clear that social media has ushered in a new era in our society, and it may be a bit messy.

Support Provided ByLearn More
The internet revealed its share of vulnerabilities this year, including those it reveals in us.

Then, in March, the leaks and breaches began. That month, WikiLeaks published documents detailing alleged CIA hacking tools. A month later, a group known as Shadow Brokers released hacking tools developed by the National Security Agency. The NSA’s tools were highly advanced, allowing attackers to gain control of desktops, laptops, and cell phones. Their release would set the stage for some of the the year’s biggest hacks.

The first attack that relied on the Shadow Brokers-released tools was WannaCry, a ransomeware that encrypted the contents of a computer’s hard drive and demanded payment in Bitcoin to release them. The worm relied on an NSA hack known as EternalBlue, which used a vulnerability in the file sharing service on unpatched Windows machines.

The WannaCry cyberattack cost the economy billions of dollars. Here's why that's scary.

WannaCry first struck on May 12, and it eventually infected more than 300,000 computers in 150 countries. It brought down systems in the England’s and Scotland’s National Health Service, in Nissan and Renault automobile factories, at Spanish telecom Telefónica, and any many more. The U.S. government eventually fingered the North Korean hacking team known as the Lazarus Group, the same team thought to be responsible for the 2014 attack on Sony Pictures Entertainment.

After WannaCry had run its course another cyberattack known as Petya struck in late June, this time seeming to target Ukrainian computers. Petya also relied on the EternalBlue exploit. Banks, nuclear power plants, trains, and airports were all affected.

That same month, a security researcher discovered a massive trove of voter records sitting in an unsecured database hosted on Amazon’s S3 storage service. Deep Root Analytics, a data company hired by the Republican Party, had misconfigured the database that stored sensitive information on 198 million Americans. The information was exposed for two weeks, allowing anyone with knowledge of the server to download “names, dates of birth, home addresses, phone numbers, and voter registration details, as well as data described as ‘modeled’ voter ethnicities and religions,” according to security firm UpGuard.

If Americans missed that leak, chances are they didn’t miss the Equifax breach, in which the names, Social Security numbers, birth dates, and addresses of 145.5 million people were stolen by hackers who had accessed the credit reporting agency’s records. That’s more than enough information to wreak havoc on someone’s credit history. Beyond that, more than 200,000 people had their credit card numbers stolen. The breach, among the worst of its kind to date, places tens of millions of people at risk of identity theft .

The news about leaks continued into November, when ride-sharing company Uber announced that hackers had stolen data on 57 million rider and driver accounts the year before. The company, in a bid to keep things quiet, had paid the hacker $100,000.

The year is ending in much the same way it began, with debate roiling over the role of social media in our society. But unlike the beginning of the year, the attacks are coming from former insiders—even the companies themselves.

At an event on November 8, Facebook founder Sean Parker said that social networks were “exploiting a vulnerability in human psychology.” And earlier this month, former Facebook executive Chamath Palihapitiya said , “We have created tools that are ripping apart the social fabric of how society works.” Then, just two weeks ago, Facebook itself, citing academic research, announced that social media can be harmful—posting and liking without conversing can lead to worsening moods and declining mental health.

In the coming year, Facebook will most likely tweak its algorithm a few times—and maybe make a few larger changes aimed at de-emphasizing its role in politics and other social issues. But whether those changes will have any impact remains to be seen.

Funding for NOVA Next is provided by the Eleanor and Howard Morgan Family Foundation.

National corporate funding for NOVA is provided by Draper. Major funding for NOVA is provided by the David H. Koch Fund for Science, the Corporation for Public Broadcasting, and PBS viewers. Additional funding is provided by the NOVA Science Trust.