This post has zero to do with politics. I want none on it. While it is relevant to recent events, there's a lot more to it, namely how the Internet has to change for everyone's security (and why it probably won't).
The simple fact it that it is extremely difficult to catch cyber criminals and not much effort is made to actually do so. Why? Because it is almost impossible to accurately attribute attacks. This is because of the way the net was designed by DARPA way back when there was no cyber crime, and when it wasn't anticipated at all.
"The pioneers sough to establish a robust, non-centralized internet that could not be physically destroyed by attacking a few key communications centers, and that could ensure secure communications. The pioneers sought to establish a robust, non-centralized internet that could not be physically destroyed by attacking a few key communications centers, and that could ensure secure communications. But every day, nowadays, there are millions of attacks,” he said. “Nobody goes after the criminals. So why not develop the technologies to do so? Change the internet protocol,” he urged. “You need to re-engineer the internet to enable identification of the source of everything." -Gen. Y. ben Israel
"How does the internet work? You want to send me an email. You have a supplier. Netvision, say. Netvision has Wi-Fi. You’re in contact with a local server, one of thousands. It takes your note and breaks it into packets, each of which has its own ID. That server sends all the packets to all the servers it is in touch with. And all those servers send all those packets to all the servers they’re in touch with. It’s a global infrastructure. Now, one of those servers is my local server. It puts all the packets together and delivers your note to me.
Why was the internet set up like that? One: You’d have to destroy half the world to prevent your note being delivered to me. Two, no single packet has all the information. So everything is secure. That’s how the internet was set up by DARPA." - ibid
Because there are so many methods of attack and so many variants, individual defense is a virtual impossibility. Developing endless tools for defense is equally pointless. What has to happen (if we wish to put an end to the attacks) is redesign of the internet to make attributaability and answerability the sine qua nons.
That would mean that there would be no more privacy regarding the source of posts and communications, etc. It would not mean that personal data would be involved. In fact, personal and financial data would become infinitely more secure.
Unfortunately, insecurities in OSs, software and browsers have to be addressed, as well. Intelligence agencies and law enforcement agencies are in conflict here with personal and state attributability and accountability. Intelligence agencies are very much interested in maintaining vulnerabilities...and that's probably why the net won't change, despite the positives of attributability for law enforcement and for intelligence as well.