Total Solar Eclipse
Featured Series: Total Solar Eclipse
Aug. 21, 2017 will be America's best chance to see a total solar eclipse for the next seven years.

The Cybersecurity Stakes Just Keep Getting Bigger

Hackers have ransomed hospitals, shut down the internet and are accused of influencing the U.S. election. And the risks are growing.
SMS
The Cybersecurity Stakes Just Keep Getting Bigger

Cyberattacks are getting worse. This year, we've seen more massive personal data breaches, more institutions held at ransom for their data, a massive attack on internet infrastructure and another major email leak with major political consequences.

On top of that, tech companies tend to focus on innovation over security, which means introducing new products and piloting new concepts as soon as possible.

But those new features also mean fresh opportunities for attackers.

Cybersecurity expert Marshall Heilman tells AOL only a really huge event would convince the government to think about stricter security regulations.

Heilman compares IT security to safety standards in the oil and gas industry. Major, highly publicized catastrophes usually prompt additional government oversight and regulation, which helps make things safer in the future.

For example, when companies found out newer cars could be remotely controlled over the internet, they took action.

"So we're killing the engine right now," a man said as he hacked a car.

The possibility of a mass digital carjacking is remote, but this video from Wired prompted Fiat Chrysler to recall 1.4 million vehicles.

Internet-connected medical devices are another potential vector for attack. Weak security on connected pacemakers, insulin pumps and bionic limbs could have lethal consequences.

But as the risk grows, so does the incentive to improve security. One market research firm estimates the cybersecurity industry could grow to $200 billion in the next five years.

And Heilman notes company responses to hackers are also improving; the amount of time hackers can lurk in a system before they're detected has dropped from an average of 600 days about six years ago to around 146 days today. That's obviously still pretty bad, but at least it's a sign the industry is getting better at dealing with threats.