At a minimum, attackers who have control of a company's operational network could use it to ... turn on or off breakers inside the companies' infrastructure and hijack systems that monitor the health of the grid. That's an unsettling scenario, but there's a more troubling one still: the attackers might also be able to use their control of multiple grid-connected operational networks to create the kinds of failures that led to the Northeast Blackout of 2003.

with the rise of private firms like Hacking Team, penetrating the email accounts of political opponents does not require the kind of money and expertise available to major powers. A subscription-based website called Insider Surveillance lists more than a dozen companies selling so-called ethical malware, including Milan-based Hacking Team, the German firms FinFisher and Trovicor and the Israeli company Nice. Compared with conventional arms, surveillance software is subject to few trade controls

THERE IS A COMMON misperception that the surest way to frustrate hackers is to encrypt data. But advanced persistent threats are skilled at routing around such measures. The first item groups like these usually swipe is...the usernames and passwords of everyone authorized to access the network...in search of one that offers maximum system privileges; the ideal is one that belongs to a domain administrator who can decrypt data at will

Although the hackers did not alter any data, the intrusion marks the first successful compromise of a state voter registration database ... Until now, countries such as Russia and China have shown little interest in voting systems in the United States. But experts said that if a foreign government gained the ability to tamper with voter data — for instance by deleting registration records — such a hack could cast doubt on the legitimacy of U.S. elections.

the machines that Americans use at the polls are less secure than the iPhones they use to navigate their way there ... it’s not just the voting machines themselves—it’s the desktop and laptop computers that election officials use to prepare the ballots, prepare the electronic files from the OpScan machines, panel voter registration, electronic poll books. And the computers that aggregate the results ... If any of those get hacked, it could could significantly disrupt the election.

The Blackwater of surveillance, the Hacking Team is among the world’s few dozen private contractors feeding a clandestine, multibillion-dollar industry that arms the world’s law enforcement and intelligence agencies with spyware. Comprised of around 40 engineers and salespeople who peddle its goods to more than 40 nations, the Hacking Team epitomizes...the “era of digital mercenaries.” ... a worrying trend: corrupt regimes using surveillance companies’ wares for anti-democratic purposes.

the control systems in Ukraine were surprisingly more secure than some in the US, since they were well-segmented from the control center business networks with robust firewalls. But in the end they still weren’t secure enough ... many power grid control systems here don’t have manual backup functionality, which means that if attackers were to sabotage automated systems here, it could be much harder for workers to restore power.

the British chancellor of the Exchequer, said in a speech last month that Islamic State militants were trying to develop the ability to carry out digital attacks on critical systems ... In the United States, Clifton Triplett ... said this month that he expected ... ISIS, might ultimately breach the agency’s systems, too. But private security researchers who track the Islamic State’s online efforts say the group’s capabilities are in fact not much better than those of tech-savvy teenagers

America’s top intelligence officials have repeatedly warned of what they describe as the next great threat in cyberspace: hackers not just stealing data but altering it, threatening military operations, key infrastructure, and broad swaths of corporate America. It’s the kind of attack they say would be difficult to detect and capable of seriously damaging public trust in the most basic aspects of both military systems and a broader economy