Why Aren't We Learning From These Devastating Cyberattacks?

Why don’t we learn from these breaches, especially when we see the same type of malware used repeatedly? The question was directed at Meg King, strategic and national security adviser at the Wilson Center, who said the problem isn’t so much that organizations aren’t learning -- it's more about cultivating public-private partnerships that can share cyberthreat information in real time rather than just "rapidly."

King, whose research at the Wilson Center includes examining ISIS’ cyber caliphate and confronting terror-affiliated hacktivists, also talked about whether cyberterrorists could potentially start using zero-day exploits -- a previously unknown software vulnerability -- to attack US entities. Zero days require a certain level of expertise, King said, and though there is a possibility terrorists could hire someone who has the right skills, the chances are bigger that a nation state would use that type of exploit. “It’s very hard to know, unless you go trolling the Dark Web,” she said, referring to the online underground. “But I think it’s much more likely we’ll see more and more zero days...in an act by a nation state."