Is any defense possible?
Technologists are working furiously on new strategies. One idea is to use artificial intelligence to monitor networks for suspicious activity that would otherwise go unnoticed, acting as a digital “immune system.” Some researchers are developing hardware that’s built for security from the ground up, including computer chips that can’t be fooled by bogus instructions. But even under ideal conditions, the nature of computing makes attacks inevitable. It’s estimated that programmers commit about 50 errors per every 1,000 lines of code. The latest version of Windows is roughly 50 million lines long, and the Android smartphone operating system has 12 million lines of code. Even after rigorous checking, bugs get through. Then there’s the potential for human error: Hillary Clinton’s campaign chairman, John Podesta, made the 2016 Russian hack possible by clicking on a spearphishing link, giving hackers access to his emails. “The attackers only have to find one weakness,” says Kathleen Fisher, a computer scientist at Tufts University. “The defenders have to plug every single hole, including ones they don’t know about.”