I think the gist of this story, for us outside the USA is basically "If your organisation have not invested in cybersecurity, you are too late."

How the US Lost to Hackers - The New York Times (nytimes.com)

 

Three decades ago, the United States spawned, then cornered, the market for hackers, their tradecraft, and their tools. But over the past decade, its lead has been slipping, and those same hacks have come boomeranging back on us.

 

At the N.S.A., whose dual mission is gathering intelligence around the world and defending American secrets, offense eclipsed defense long ago. For every hundred cyberwarriors working offense — searching and stockpiling holes in technology to exploit for espionage or battlefield preparations — there was often only one lonely analyst playing defense to close them shut.

 

America remains the world’s most advanced cyber superpower, but the hard truth, the one intelligence officials do not want to discuss, is that it is also its most targeted and vulnerable. 

 

And the potential for a calamitous attack — a deadly explosion at a chemical plant set in motion by vulnerable software, for example — is a distraction from the predicament we are already in. Everything worth taking has already been intercepted: Our personal data, intellectual property, voter rolls, medical records, even our own cyberweaponry.

 

At this very moment, we are getting hacked from so many sides that it has become virtually impossible to keep track, let alone inform the average American reader who is trying to grasp a largely invisible threat that lives in code, written in language that most of us will never fully understand.

 

This threat often feels too distant to combat, but the solutions have been there for decades: Individuals just decided that access and convenience, and in governments’ case, the opportunities for espionage, were worth leaving windows open, when we would have all been better off slamming them shut.