In 2009, roughly 5 percent of the global population owned a smartphone. Before 2015 is out, that number is expected to hit 35 percent, or 2.5 billion people—approximately the populations of China and India combined. Considering the ever-quickening pace of technological innovation and the shrinking cost of processors and chipsets, it does not take a particularly fertile imagination to picture the day when, perhaps as soon as 2017, half the world will be hooked up to the small screen of a smartphone. ... street theft of mobile devices—or “Apple picking,” as it’s known—has been such a widespread crime in recent years. According to Consumer Reports, 3.1 million Americans were the victims of smartphone theft in 2013, up from 1.6 million in 2012. The mobile security firm Lookout believes that one in 10 smartphone users in the US have had their phones stolen; 68 percent of those victims never saw their device again. Nationally, about one-third of robberies now involve a smartphone. ... estimated Americans spend $4.8 billion annually on premium phone insurance and $580 million a year on replacement devices.
The inside story of two crypto-anarchists and their quest to create ungovernable weapons, untouchable black markets, and untraceable money. ... Concerns about the police are justified for Wilson and Taaki, who have dedicated their careers to building some of the most controversial software ever offered to the public. Wilson gained notoriety last year as the creator of the world’s first fully 3D-printable gun, a set of CAD files known as the Liberator that anyone can download and print in the privacy of their home to create a working, lethal firearm. Taaki and his collaborators recently unveiled a prototype for a decentralized online marketplace, known as DarkMarket, that’s designed to be impervious to shutdown by the feds. ... The programming provocation they released a few hours ago is called Dark Wallet, a piece of software designed to allow untraceable, anonymous online payments using the cryptocurrency bitcoin. Taaki and Wilson see in bitcoin’s stateless transactions the potential for a new economy that fulfills the crypto-anarchist dream of truly uncontrollable money. ... “I believe in the hacker ethic. Empower the small guy, privacy and anonymity, mistrust authority, promote decentralized alternatives, freedom of information,” he says. “These are good principles. The individual against power.” ... According to a study published in May by the nonprofit Digital Citizens Alliance, more than 40,000 mostly illegal products are now listed for sale on the obscured corner of the Internet known as the dark web, more than twice as many as before the Silk Road bust. ... Wilson and Taaki intend Dark Wallet to be the most user-friendly method yet to spend bitcoins under the cover of anonymity’s shadow—without switching to a niche alternative coin or trusting any shady middleman.
On the morning of April 15, 2013, Chris Connolly, a sergeant with the Boston police bomb squad, completed a ritual he had performed annually for the past eight years. It started after dawn at the corner of Boylston and Dartmouth in the city’s tony Back Bay neighborhood. There Connolly and his teammates peered inside trash cans, peeked into car and store windows, and inspected flower planters. ... In the post-9/11 world, this was standard operating procedure, a precaution practiced by civilian bomb squads around the country. Later that morning half a million spectators would watch nearly 25,000 athletes run the Boston Marathon, and security experts have considered major sporting events to be potential terrorist targets since the bombing at the Atlanta Olympics in 1996. Even at this early hour, revelers were starting to gather, most ignoring the techs methodically working their way around bars and restaurants and postrace recovery areas. ... A sweep and a long wait: This was the life of an urban bomb squad. The hardest part, as Connolly knew, was staying alert. It’s difficult to maintain vigilance in the face of overwhelming statistical evidence that nothing is going to happen. Soon runners started coming in—the swift ones first, but gradually the slower ones, in greater numbers and more celebratory. ... It happened at 2:50 pm. Connolly didn’t see the first explosion; he felt it. By the time his brain registered what it was, he felt another.
Early this year, as part of the $92 million “Data to Decisions” program run by the Defense Advanced Research Projects Agency (DARPA), the Office of Naval Research began evaluating computer programs designed to sift through masses of information stored, traded, and trafficked over the Internet that, when put together, might predict social unrest, terrorist attacks, and other events of interest to the military. Blog posts, e-mail, Twitter feeds, weather reports, agricultural trends, photos, economic data, news reports, demographics—each might be a piece of an emergent portrait if only there existed a suitable, algorithmic way to connect them. ... There is no doubt that the Internet—that undistinguished complex of wires and switches—has changed how we think and what we value and how we relate to one another, as it has made the world simultaneously smaller and wider. Online connectivity has spread throughout the world, bringing that world closer together, and with it the promise, if not to level the playing field between rich and poor, corporations and individuals, then to make it less uneven. There is so much that has been good—which is to say useful, entertaining, inspiring, informative, lucrative, fun—about the evolution of the World Wide Web that questions about equity and inequality may seem to be beside the point. ... But while we were having fun, we happily and willingly helped to create the greatest surveillance system ever imagined
How a rich entrepreneur persuaded the city to let him create his own high-tech police force. ... the French Quarter Task Force, which at all hours had three armed officers zigzagging the neighborhood in matte black Polaris Rangers that resemble militarized golf carts. When Torres, who is 39, had deployed the same vehicles in his garbage business, the decimated city became cleaner than ever. ‘‘Basically, I’m handling crime the same way I did trash,’’ said Torres ... In the United States, private police officers currently outnumber their publicly funded counterparts by a ratio of roughly three to one. Whereas in past decades the distinction was often clear — the rent-a-cop vs. the real cop — today the boundary between the two has become ‘‘messy and complex,’’ according to a study last year by Harvard’s Kennedy School of Government. Torres’s task force is best understood in this context, one where the larger merging of private and public security has resulted in an extensive retooling of the nation’s policing as a whole. As municipal budgets have stagnated or plummeted, state and local governments have taken to outsourcing police work to the private sector, resulting in changes that have gone largely unnoticed by the public they’re tasked with protecting.
A new arms race in our skies threatens the satellites that control everything from security to communications ... the activities of the mystery “ghost” satellite have given many in the defence and intelligence community pause for thought. ... Space, military officials like to say, is the ultimate higher ground. Since the cold war ended, however, it has been a largely uncontested territory. In January 1967, the US, UK and USSR became the first signatories to the Outer Space Treaty. In it, they committed to keeping the moon free of military testing and not putting weapons of mass destruction into orbit. China joined the pact in 1984. Another 100 states are now signed up. ... Almost every country with strategically important satellite constellations and its own launch facilities is considering how to defend — and weaponise — their extraterrestrial assets. ... Satellites are fragile things: a nudge to their orbit, a tilt of their solar panels towards the sun, a laser blast directed at their sensors or a projectile casually fired into their path are all capable of wreaking permanent, irreversible damage. ... While developed societies are becoming more dependent on it than ever before for almost every aspect of their digital economies, their grip on the technologies that have given them global strategic dominance is slipping. And as more countries around the world look to maximise their military advantages, space is becoming the most obvious domain to contest. ... The 1967 Outer Space Treaty had one glaring omission: it has no limits on the use of conventional weapons. Even as militaries around the world work hard to build their space weaponry arsenals, many are now wondering whether the treaty needs to be broadened.
Taser is hoping France’s second encounter with terrorism this year will similarly set the stage for lucrative purchases of its wares overseas. ... Right now, two out of three uniformed police officers in America are carrying Tasers. Internationally, that figure drops to about one in 50, according to Taser estimates. As the American market has become saturated with Tasers, Smith views the European police market as ripe for disruption. ... But as Taser sets its sight on Europe in an age of deepening fear of terrorism, it is discovering that its own name and provenance pose significant challenges. Among law enforcement agencies in Europe, the American company is seen as symbolic of an American mode of policing that, far from pacifying communities, has provoked a backlash of violence and bitterness. Its eponymous product, the stun gun, speaks to an American reliance on technology over humanity and an overemphasis on heavy-handed security tactics instead of finesse. ... While plenty of European police would likely prefer the option of using “less lethal” force, they view Taser as an American firm that enables a uniquely American version of policing. ... Of the 18,000 law enforcement agencies in America, about 17,800 have a contract with Taser. …= “Here's the deal with Taser,” says Richard Lichten, a 30-year veteran in the Los Angeles County Sheriff’s Department who now serves as a Taser expert on criminal trials. “Any tool the policeman carries -- Taser, baton, pepper spray -- can be misused. The officer has to be trained on the device. I am a proponent of the use of Tasers when it's used properly.”
1. The Hollow Alliance: The trans-Atlantic partnership has been the world’s most important alliance for nearly seventy years, but it’s now weaker, and less relevant, than at any point in decades. It no longer plays a decisive role in addressing any of Europe’s top priorities. Russia’s intervention in Ukraine and the conflict in Syria will expose US-European divisions. As US and European paths diverge, there will be no more international fireman—and conflicts particularly in the Middle East will be left to rage.
2. Closed Europe: In 2016, divisions in Europe will reach a critical point as a core conflict emerges between Open Europe and Closed Europe—and a combination of inequality, refugees, terrorism, and grassroots political pressures pose an unprecedented challenge to the principles on which the new Europe was founded. Europe’s open borders will face particular pressure. The risk of Brexit is underestimated. Europe’s economics will hold together in 2016, but its broader meaning and its social fabric will not.
3. The China Footprint: Never has a country at China’s modest level of economic and political development produced such a powerful global footprint. China is the only country of scale today with a global economic strategy. The recognition in 2016 that China is both the most important and most uncertain driver of a series of global outcomes will increasingly unnerve other international players who aren’t ready for it, don’t understand or agree with Chinese priorities, and won’t know how to respond to it.
4. ISIS and “Friends”: ISIS is the world’s most powerful terrorist organization, it has attracted followers and imitators from Nigeria to the Philippines, and the international response to its rise is inadequate, misdirected, and at cross purposes. For 2016, this problem will prove unfixable, and ISIS (and other terrorist organizations) will take advantage of that. The most vulnerable states will remain those with explicit reasons for ISIS to target them (France, Russia, Turkey, Saudi Arabia, and the United States), and those with the largest numbers of unintegrated Sunni Muslims (Iraq, Lebanon, Jordan, Egypt, and across Europe).
5. Saudi Arabia: The Saudi Kingdom faces a growing risk of destabilizing discord within the royal family this year, and its increasingly isolated status will lead it to act more aggressively across the Middle East this year. The threat of intra-royal family strife is on the rise, and a scenario of open conflict, unimaginable prior to King Salman’s January 2015 ascension, has now become entirely realistic. The key source of external Saudi anxiety is Iran, soon to be free of sanctions.
6. The rise of technologists: A variety of highly influential non-state actors from the world of technology are entering the realm of politics with unprecedented assertiveness. These newly politically ambitious technologists are numerous and diverse, with profiles ranging from Silicon Valley corporations to hacker groups and retired tech philanthropists. The political rise of these actors will generate pushback from governments and citizens, generating both policy and market volatility.
7. Unpredictable Leaders: An unusually wide constellation of leaders known for their erratic behavior will make international politics exceptionally volatile this year. Russia’s Vladimir Putin and Turkey’s Recep Tayyip Erdogan are leaders of an unruly pack that includes Saudi Arabia’s Deputy Crown Prince Mohammed bin Salman and – to a lesser but important extent – Ukraine’s Petro Poroshenko. These unpredictable leaders make our list for 2016 because their interventions overlap and conflict. One powerful, erratic leader spells trouble; four spell volatility with major international implications.
8. Brazil: President Dilma Rousseff is fighting for her political survival, and the country’s political and economic crisis is set to worsen in 2016. Contrary to hopes among pundits and many market players, the battle over Rousseff’s impeachment is unlikely to end the current political stalemate. Should the president survive, her government won’t gain the political boost necessary to move on the economic reforms needed to tackle the country’s growing fiscal deficit. If Rousseff is ousted, an administration led by Vice President Michel Temer won’t fare much better.
9. Not enough elections: Emerging markets underwent a historic cycle of national elections in 2014-2015, but this year there are relatively few opportunities for EM voters to make themselves heard at the ballot box. As slower growth and stagnating living standards stoke popular discontent, governance and stability will suffer. Historically, markets have been less volatile in non-election years, but this time will be different. By raising popular expectations, the massive income growth that most EMs enjoyed over the past 10 years has created conditions for a rude awakening.
10. Turkey: After a decisive victory for his AK party in late-2015, President Erdogan will now push to replace the country’s parliamentary system with a presidential one. He’s unlikely to reach his goal in 2016, but his aggressive electioneering will further damage an already battered Turkish business and investment climate. On the security front, there is little prospect of an imminent end to PKK violence, and unrelenting US pressure on Ankara to clamp down on the Islamic State will produce only modest results while making Turkey more vulnerable to new attacks by ISIS.
* Red Herrings: US voters aren't going to elect a president who will close the country to Muslims. China’s economy isn’t headed for a hard landing, and its politics will remain stable. Continued strong leadership from Japan's Shinzo Abe, India's Narendra Modi, and especially China's Xi Jinping will keep Asia's three most important players focused on economic reform and longer-term strategy, reducing the risk of conflict in Asia’s geopolitics.
Fourteen years later, the drone is the quintessential weapon of the American military, which now boasts roughly a thousand Predator pilots. At any given moment, scores of them sit in darkened trailers around the country, staring at the bright infrared camera feeds from drones that might be flying over Afghanistan, Iraq, Syria, Pakistan, or Somalia. Between August 2014 and August 2015, a single Predator squadron—the 432nd Air Expeditionary Wing in Nevada—flew 4,300 sorties and dropped 1,000 warheads on ISIS targets. By enabling the White House to intervene without committing troops to battle, the drone has transformed US foreign policy. ... The Predator as we know it—with its capacity to be piloted from thousands of miles away and its complement of Hellfire missiles—wasn’t developed with the expectation that entire wars might one day be fought by pilots sitting in trailers. As a matter of fact, most military planners at the time regarded the Predator as pretty much a technological dead end. ... The lethal Predator wasn’t a production vehicle. It was a hot rod, built for one all-out race against the clock. Of course, in those months before September 11, 2001, none of its designers knew the nature of the clock they were racing against. And most Americans have no idea quite how close they came to beating it.
The DOD of course has a long history of jump-starting innovation. Historically, it has taken the megafunding and top-down control structures of the federal government to do the kind of investing required to create important technology for the military. Digital photography, GPS, the Internet itself—all were nourished by defense contracts before being opened up to the private sector, which then turned them into billion-dollar industries. ... Now the flow has reversed. Defense has been caught in the throes of the same upheaval that has disrupted legacy industries, unseated politicians, and upended global dynamics. In the digital age, innovation more often comes from smaller entrepreneurs than from the hierarchical structures that were the hallmark of 20th-century government and business. ... Defense contracting is notorious for bureaucratic lethargy and technological backwardness. And executives are leery of appearing to be too close to the US government while they seek to expand overseas. Put bluntly, they don’t want to alienate potential customers. ... The Valley is a place where brainpower is its own kind of currency, and Carter, who holds a PhD in theoretical physics from Oxford, made an impression on the locals. ... somehow Carter must instill the seeds of a cultural and logistical overhaul that will make the modern military-industrial complex nimble enough to provide the kind of innovation and support its 21st-century fighting force needs.
It took years for the Internet to reach its first 100 computers. Today, 100 new ones join each second. And running deep within the silicon souls of most of these machines is the work of a technical wizard of remarkable power, a man described as a genius and a bully, a spiritual leader and a benevolent dictator. ... Linus Torvalds — who in person could be mistaken for just another paunchy, middle-aged suburban dad who happens to have a curiously large collection of stuffed penguin dolls — looms over the future of computing much as Bill Gates and the late Steve Jobs loom over its past and present. For Linux, the operating system that Torvalds created and named after himself, has come to dominate the exploding online world, making it more popular overall than rivals from Microsoft and Apple. ... But while Linux is fast, flexible and free, a growing chorus of critics warn that it has security weaknesses that could be fixed but haven’t been. Worse, as Internet security has surged as a subject of international concern, Torvalds has engaged in an occasionally profane standoff with experts on the subject. ... Linux has thrived in part because of Torvalds’s relentless focus on performance and reliability, both of which could suffer if more security features were added. Linux works on almost any chip in the world and is famously stable as it manages the demands of many programs at once, allowing computers to hum along for years at a time without rebooting. ... Yet even among Linux’s many fans there is growing unease about vulnerabilities in the operating system’s most basic, foundational elements — housed in something called “the kernel,” which Torvalds has personally managed since its creation in 1991.
His customers include the Defense Department and various spy agencies. He has about 200 people on the payroll, most of whom go to work every day in places where they could very well get shot or blown up--Iraq, Afghanistan, Ghana, Djibouti, Somalia, and Libya, to name a few. They guard buildings, protect VIPs, train foreign soldiers, and do a lot of office work, too: "Our specialty," says Patriot Group COO Rob Whitfield, "is providing sometimes common services in real crappy places." ... As a veteran, Craddock knows about war--what it is to confront bad guys face-to-face, to lose a friend in combat, to endure long separations from family, and then to wonder, once you're out, whether you'll ever again do anything as focused, as intense, as in-your-face important as what you did in uniform. As an entrepreneur, he also knows about business--what it is to risk everything on a proposal that goes nowhere, to be cut off by your banker, to drain your 401(k)--and ultimately what it feels like to succeed in a notoriously corrupt industry that's closely regulated, intensely scrutinized, rife with unsavory characters ("Some of the folks who work for us--I wouldn't want to be on their bad side, consistently"), and beholden like no other to the fickle winds of geopolitics. ... Total Defense Department spending on contractors--including those supplying weapons and R&D as well as services--peaked at $412 billion annually, and is down more than 30 percent since 2009. Among the factors: troop drawdowns, shrinking budgets, and a deteriorating business climate marked by intense congressional scrutiny, stricter oversight in the field, and heightened public distrust. ... Ironically, as spending drops, the relative importance of the private sector grows. Contractors deliver continuing access to talented people the military can't otherwise retain and instant access to short-term skills.
Thanks to a process involving rapid evaporative ionisation mass spectrometry (Reims), developed at Imperial College London, the computer can identify the smoke’s unique “molecular fingerprint”. This £500,000 machine, together with another £5m-worth of equipment in the Belfast-based Institute for Global Food Security, have inspired the lab’s nickname “Star Trek”, as it boldly pushes technological frontiers in the battle against food crime. The only other Reims machine in the UK is at Charing Cross Hospital, London, where it is used by the oncology department to distinguish between healthy and malign tissue. Here, the machine is being asked to make a formal identification of the fish fillet: is it cod? Or is it something else? ... food analysis is inching ever closer to forensic investigation. Fraud, adulteration and contamination can happen to almost any edible commodity that you care to think of. Or, more likely, that you care not to think of — not just beef burgers with a hidden equine component but staples such as fish, spices and fruit juices. ... “What we eat and where it comes from, generally, we don’t know any more. It’s a very complex web. Every time you have a transaction [in the supply chain], there’s another opportunity to cheat.” And every week his lab picks up several cases of food fraud happening somewhere in the world. ... The institute is monitored by 24-hour security — with food fraud as yet hard to bring to successful conviction, any refinement in methods of detection is a potential threat to organised crime.
An accelerating field of research suggests that most of the artificial intelligence we’ve created so far has learned enough to give a correct answer, but without truly understanding the information. And that means it’s easy to deceive. ... Machine learning algorithms have quickly become the all-seeing shepherds of the human flock. This software connects us on the internet, monitors our email for spam or malicious content, and will soon drive our cars. To deceive them would be to shift tectonic underpinnings of the internet, and could pose even greater threats for our safety and security in the future. ... Small groups of researchers—from Pennsylvania State University to Google to the U.S. military— are devising and defending against potential attacks that could be carried out on artificially intelligent systems. In theories posed in the research, an attacker could change what a driverless car sees. Or, it could activate voice recognition on any phone and make it visit a website with malware, only sounding like white noise to humans. Or let a virus travel through a firewall into a network. ... Instead of taking the controls of a driverless car, this method shows it a kind of a hallucination—images that aren’t really there. ... “We show you a photo that’s clearly a photo of a school bus, and we make you think it’s an ostrich,” says Ian Goodfellow, a researcher at Google who has driven much of the work on adversarial examples.
The Blackwater of surveillance, the Hacking Team is among the world’s few dozen private contractors feeding a clandestine, multibillion-dollar industry that arms the world’s law enforcement and intelligence agencies with spyware. Comprised of around 40 engineers and salespeople who peddle its goods to more than 40 nations, the Hacking Team epitomizes what Reporters Without Borders, the international anti-censorship group, dubs the “era of digital mercenaries.” ... The Italian company’s tools — “the hacking suite for governmental interception,” its website claims — are marketed for fighting criminals and terrorists. ... “Privacy is very important,” Vincenzetti says on a recent February morning in Milan, pausing to sip his espresso. “But national security is much more important.” ... Between 2003 and 2004, Vincenzetti and two college friends worked in their dank, underground apartment and coded what would become the Hacking Team’s flagship software. Called the Remote Control System (RCS), it commandeers a target’s devices without detection, allowing a government to deploy malware against known enemies. (The product was later dubbed Da Vinci, then Galileo.) Think of it as a criminal dossier: A tab marked “Targets” calls up a profile photo, which a spy must snap surreptitiously using the camera inside the subject’s hacked device. Beside the picture, a menu of technologies (laptop, phone, tablet, etc.) offers an agent the ability to scroll through the person’s data, including email, Facebook, Skype, online aliases, contacts, favorite websites, and geographical location. Over time, the software enables government spooks to build a deep, sprawling portfolio of intelligence. ... A hacktivist known as Phineas Fisher had hijacked the Hacking Team’s official Twitter account and posted an ominous message: “Since we have nothing to hide, we’re publishing all our emails, files, and source code.” Following the message was a link to more than 400 gigabytes of the company’s most sensitive data.
Uganda, in East Africa, is home to 37 million people and one of the poorest countries in the world. It’s perhaps best known for the dictator Idi Amin, who came to power in 1971 and murdered 300,000 of his countrymen during an eight-year reign. Although the country borders tumultuous South Sudan and the Democratic Republic of the Congo (DRC), Uganda today is an island of relative political stability. The economy hums. Shopping malls bloom around the capital. Its people, to generalize, are deeply religious, family-oriented, and averse to profanity. Winston Churchill dubbed Uganda the Pearl of Africa in part for its friendly people. ... It’s also one of the leading providers of mercenaries—or “private military contractors,” as the security industry prefers to call them. They are at once everywhere and nowhere. On TV, a company called Middle East Consultants runs advertisements looking for able-bodied young men to send to Dubai. Talk to taxi drivers as you bump along dirt roads in the capital, Kampala, and each has a friend or cousin or neighbor who raves about the fortune he’s made guarding some embassy or joining the war in Iraq. But official numbers and interviews with the kind of multinational companies that go to countries such as Uganda to find soldiers are hard to come by. ... A decade ago, after con men began running employment frauds on mercenary hopefuls, the Ministry of Gender, Labour, and Social Development created the External Employment Unit, an agency meant to track men leaving to serve abroad. ... Mercenary remittances surpassed coffee exports in 2009, according to the Ministry of Gender, Labour, and Social Development. Interpol’s Kampala bureau conducts roughly 1,000 background checks on Ugandans heading abroad for security jobs every month
The United States Air Force, which runs the G.P.S. Master Control Station, in Colorado, calls G.P.S. “the world’s only global utility.” Wholly owned by the U.S. government, the system is available free to everyone, everywhere; an ISIS terrorist glancing at his phone for a position fix benefits from the Pentagon’s largesse as much as a commuter on I-95. Since the first G.P.S. satellite was launched, in 1978, the system has steadily become the most powerful of its kind. (Other countries have navigation satellite networks, but none are as dependable or as widely available.) There are now around seven G.P.S. receivers on this planet for every ten people. Estimates of the system’s economic value often run into the trillions of dollars. ... The Pentagon’s Defense Advanced Research Projects Agency recently determined that, within thirty seconds of a catastrophic G.P.S. shutdown, a position reading would have a margin of error the size of Washington, D.C. After an hour, it would be Montana-sized. Drivers might miss their freeway exits, but planes would also be grounded, ships would drift off course, commuter-rail systems would be tied up, and millions of freight-train cars with G.P.S. beacons would disappear from the map. ... Fortunately, a worldwide G.P.S. failure is unlikely. A hacker or terrorist would require either a weapon powerful enough to destroy the satellites or a way to infiltrate the heavily fortified Master Control Station. The bigger worry is spoofing, the transmission of a bogus G.P.S. signal that nearby receivers mistake for the real thing.
Many companies already have the ability to run keyword searches of employees’ emails, looking for worrisome words and phrases like embezzle and I loathe this job. But the Stroz Friedberg software, called Scout, aspires to go a giant step further, detecting indirectly, through unconscious syntactic and grammatical clues, workers’ anger, financial or personal stress, and other tip-offs that an employee might be about to lose it. ... To measure employees’ disgruntlement, for instance, it uses an algorithm based on linguistic tells found to connote feelings of victimization, anger, and blame. ... It’s not illegal to be disgruntled. But today’s frustrated worker could engineer tomorrow’s hundred-million-dollar data breach. Scout is being marketed as a cutting-edge weapon in the growing arsenal that helps corporations combat “insider threat,” the phenomenon of employees going bad. Workers who commit fraud or embezzlement are one example, but so are “bad leavers”—employees or contractors who, when they depart, steal intellectual property or other confidential data, sabotage the information technology system, or threaten to do so unless they’re paid off. Workplace violence is a growing concern too. ... Though companies have long been arming themselves against cyberattack by external hackers, often presumed to come from distant lands like Russia and China, they’re increasingly realizing that many assaults are launched from within—by, say, the quiet guy down the hall whose contract wasn’t renewed.
The U.S. electric system is in danger of widespread blackouts lasting days, weeks or longer through the destruction of sensitive, hard-to-replace equipment. Yet records are so spotty that no government agency can offer an accurate tally of substation attacks, whether for vandalism, theft or more nefarious purposes. ... Most substations are unmanned and often protected chiefly by chain-link fences. Many have no electronic security, leaving attacks unnoticed until after the damage is done. Even if there are security cameras, they often prove worthless. In some cases, alarms are simply ignored. ... the Federal Energy Regulatory Commission, which regulates the country’s interstate power system, began requiring that utilities better protect any substation that could disable parts of the U.S. grid if attacked. ... FERC’s new rule, however, doesn’t extend to tens of thousands of smaller substations ... The grid was cobbled together during the electrification of the U.S. over the past 125 years. It is a fragile, interdependent system generally more vulnerable in summer when it is running closer to its limits. It is also at risk during low-demand periods, when power-plant operators and linemen perform maintenance. Fewer plants and transmission lines operating mean fewer options for delivering electricity during emergencies.
This is the story of the first 15 years of how we have dealt with that newfound fear—how we have confronted, sometimes heroically and sometimes irrationally, the mechanics, the politics, and the psychic challenges of the September 12 era. ... Have we succeeded in toughening up what overnight became known as “homeland security”? Absolutely. But not without a series of extravagant boondoggles along the way. ... Are we safer? Yes, we’re safer from the kind of orchestrated attack that shocked us on that September morning. It’s harder for terrorists to get into the country, and harder for them to pull off something spectacular if they do. But we have not plugged some of the most threatening security gaps. Worse, as the Orlando massacre reminded us, the world has become more populated by those who want to exploit those gaps, including those living among us—and who, in the United States, can easily obtain military-grade weapons. They are not deterred by the prospect of their own death, and they are happy to commit acts less ambitious than those of 9/11. That makes their attacks much harder to detect in advance. Our defenses are far stronger, but what we have to defend against has outpaced our progress. ... Have we adjusted, politically and emotionally, so that we can make rational decisions as a government and as a people to deal with the ongoing threat? Not yet. In a bitterly divided democracy, where attention spans are short and civic engagement is low and the potential for oversimplification and governing-by-headlines is high, that is hardly a surprise.
For the members of Congress, who in 2002 provided almost $4 billion to modernize voting technology through the Help America Vote Act, or HAVA—Congress’s response to Bush v. Gore—this probably wasn’t the result they had in mind. But voting by computer has been a technological answer in search of a problem. Those World War II-era pull-lever voting machines may not have been the most elegant of contraptions, but they were easy to use and didn’t crash. Georgia, which in 2002 set out to be an early national model for the transition to computerized voting, shows the unintended consequences. It spent $54 million in HAVA funding to buy 20,000 touchscreen voting machines from Diebold, standardizing its technology across the state. Today, the machines are past their expected life span of 10 years. (With no federal funding in sight, Georgia doesn’t expect to be able to replace those machines until 2020.) The vote tabulators are certified to run only on Windows 2000, which Microsoft stopped supporting six years ago. To support the older operating system, the state had to hire a contractor to custom-build 100 servers—which, of course, are more vulnerable to hacking because they can no longer get current security updates. ... The voting technology business, after a frenetic decade of mergers, acquisitions, and renamings, is dominated by just a few companies: Election Systems & Software, or ES&S, and Dominion Voting Systems are the largest. Neither has much in common with the giants of computing. Apple, Dell, IBM, and HP have all steered clear of the sector, which generates, according to an analysis by Harvard professor Stephen Ansolabehere, about $300 million in annual revenue. For context, Apple generates about $300 million in revenue every 12 hours.
The Office of Personnel Management repels 10 million attempted digital intrusions per month—mostly the kinds of port scans and phishing attacks that plague every large-scale Internet presence—so it wasn’t too abnormal to discover that something had gotten lucky and slipped through the agency’s defenses. In March 2014, for example, OPM had detected a breach in which blueprints for its network’s architecture were siphoned away. But in this case, the engineers noticed two unusually frightening details. First, opmsecurity.org had been registered on April 25, 2014, which meant the malware had probably been on OPM’s network for almost a year. Even worse, the domain’s owner was listed as “Steve Rogers”—the scrawny patriot who, according to Marvel Comics lore, used a vial of Super-Soldier Serum to transform himself into Captain America, a member of the Avengers. ... Registering sites in Avengers-themed names is a trademark of a shadowy hacker group believed to have orchestrated some of the most devastating attacks in recent memory. Among them was the infiltration of health insurer Anthem, which resulted in the theft of personal data belonging to nearly 80 million Americans. And though diplomatic sensitivities make US officials reluctant to point fingers, a wealth of evidence ranging from IP addresses to telltale email accounts indicates that these hackers are tied to China, whose military allegedly has a 100,000-strong cyberespionage division. ... To figure out why the hackers had trained their sights on OPM, investigators would have to determine what, if anything, had been stolen from the agency’s network over the preceding year. But first they had to hunt down and eliminate the malware on its network, an archaic monstrosity that consisted of as many as 15,000 individual machines.
Despite years of economic growth, popular discontent at widespread corruption has grown stronger. A series of scandals about everything from shoddy housing to out-of-date vaccines has led to public cynicism about companies and the government’s ability to enforce rules. Social-credit scoring aims to change that by cracking down on the corrupt officials and companies that plague Chinese life. And it aims to keep a closer track on public opinion. In a society with few outlets for free expression, big data might paradoxically help make institutions more accountable. ... But it could also vastly increase snooping and social control. In other countries there have been many scare stories about Big Data leading to Big Brother. Most have proven false. But China is different. It is a one-party state, with few checks on its power, a tradition of social control and, in President Xi Jinping, a leader even more prone to authoritarianism than his immediate predecessors. The extent of social-credit scoring will depend on what the government intends, whether the technology works and how the party responds to public concerns. ... China treats personal information differently from the West. In democracies, laws limit what companies may do with it and the extent to which governments can get their hands on it. Such protections are imperfect everywhere. But in China they do not exist. The national-security law and the new cyber-security law give the government unrestricted access to almost all personal data.
There was a time, a few years back, when the most sophisticated cyber-warfare tools were still developed and used exclusively by the world’s most sophisticated cyber-warfare combatants: government spy agencies, such as the ultra-secret National Security Agency and its counterparts in Israel and other developed countries and their arch-rivals in China and Russia. The surveillance and monitoring capabilities that Edward Snowden unveiled to the world in 2013 were shocking and little understood, but an ordinary citizen could at least take comfort in the belief that, if he wasn’t a criminal or a spy, it was unlikely these tools would ever be used against him. ... That was then. ... last August, came the startling confirmation from Apple itself: a genuine remote jailbreak “in the wild,” the one discovered and identified by Marczak and the Lookout researchers. To everyone’s surprise it had been out there operating secretly for years. ... By 2010 a true black market for zero days was emerging beyond the usual black market. ... In this new black market few knew exactly who the buyers were, but it was widely assumed that many were governments looking for clever new ways to spy on their own citizenry.
It’s been six years since we first wrote about the coming G-Zero world—a world with no global leader. The underlying shifts in the geopolitical environment have been clear: a US with less interest in assuming leadership responsibilities; US allies, particularly in Europe, that are weaker and looking to hedge bets on US intentions; and two frenemies, Russia and China, seeking to assert themselves as (limited) alternatives to the US—Russia primarily on the security front in its extended backyard, and China primarily on the economic front regionally, and, increasingly, globally. ... These trends have accelerated with the populist revolt against “globalism”—first in the Middle East, then in Europe, and now in the US. Through 2016, you could see the G-Zero picking up speed ... with the shock election of Donald Trump as president of the US, the G-Zero world is now fully upon us.
1. Independent America: Trump rejects the comparative weakness of the presidency, and he wants to more directly project American power in service of US national interests
2. China overreacts: Xi will be extremely sensitive to external challenges to his country’s interests at a time when all eyes are on his leadership
3. A weaker Merkel: Could the Europeans have resolved their financial crises without the Germans forcing a solution?
4. No reform: The reform needle won’t move in 2017. Save for a few bright spots, money won’t know where to flow
5. Technology and the Middle East: Technology, a force for economic growth and efficiency, also exacerbates political instability
6. Central banks get political: In the US, there’s risk of an open conflict between the Federal Reserve and the White House
7. The White House versus Silicon Valley: Technology leaders from California, the major state that voted in largest numbers against Trump in the election, have a bone to pick with the new president
8. Turkey: Ever-fewer checks on executive power will leave the private sector vulnerable to political whims
9. North Korea: It’s making consistent progress on an intercontinental ballistic missile capability that would allow it to hit the West Coast of the US with a nuclear weapon
10. South Africa: South Africa’s political infighting will undermine the country’s traditional role as a force for regional security
Red Herrings: US domestic policy, India versus Pakistan, Brazil