2016: The year hacking became serious business

Another day, another hack.
Another day, another hack.
Image: AP Photo/Marcio Jose Sanchez
We may earn a commission from links on this page.

You might think of the internet as a series of walled gardens, surrounded by wild jungle.

“You can make the walled garden very, very, sweet,” as Tim Berners-Lee has noted, referring to the corporate-managed plots where the planting is controlled. “But the jungle outside is always more appealing in the long term.”

This year may have proved Berners-Lee right, though perhaps not in the way he might have hoped for. Out of the jungle this year have emerged hacks, disruptions, and theft of unprecedented scale. Vast swathes of the internet were taken out for hours at a time; a billion user accounts were compromised at one of the internet’s commercial pioneers; and, of course, the theft and subsequent leak (paywall) of communications from the Democratic party, aimed at swaying the outcome of the US presidential election.

Part of the reason disruptions keep happening is the internet’s decentralized design. For instance, a technical fix exists for DDoS attacks, but all the internet’s tens of thousands of service providers must implement it for it to work. A combination of inertia and costs makes this unlikely to happen anytime soon.

You only have to look at the how the internet has responded to the exhaustion of IP addresses, the network’s basic identifiers, to see how difficult it is to get a decentralized system to do something collectively. IPv4 addresses have been exhausted since 2011 in some regions, yet the uptake of IPv6, its successor protocol, remains at roughly 15%, some eight years after it became available.

We may remember 2016 as the year digital disruptions went from merely expensive nuisances to serious economic and political threats. As the internet continues to intertwine with our critical infrastructure, we’ll have to pay as much attention to its wildernesses as the walled gardens they surround.