今日頭條
官方微信
官方抖音
資訊頻道最近的總結帖頗多,一些引人注目的數據泄露事件影響了大量用戶和技術發展,必將給未來幾年的市場帶來沖擊。CSOOnline根據安全和IT主管的看法,給出了一些更值得注意的發展趨勢。2017年網絡安全事件是不是會在這些方面呢?
2016網絡安全事件回顧
(1)DNS事件導致互聯網網站下線
10月末,提提供受管DNS服務的基礎設施提供商Dyn被攻擊,隨后許多互聯網網站(包括一些最大的網站)下線。
這次DDoS攻擊事件影響了美國東海岸大部分地區的用戶,以及德克薩斯、華盛頓和加利福尼亞的數據中心。根據Dyn發布的聲明,幾千萬個IP地址向它的基礎設施發動了攻擊。
Barr Snyderwine, director of information systems and technology at Hargrove 評價
“The DNS attack was interesting in that it made all levels of [our] company aware that security-driven changes to our DNS and internet access were made in order to avoid such denial of service,”
“It also made all users aware that security is important,” Snyderwine says. “Users have to be aware that every device is a potential risk and that it can impact their own jobs. Our security phishing training we provided just the previous month is serious business. In fact, many people said it helped them at home and work.”
(2)勒索軟件攻擊增多
2016年,勒索軟件攻擊在所有行業都變得更常見。但醫療保健行業輕松成為這類攻擊的最大目標。隨著多次高調攻擊醫院成功,網絡罪犯越來越多地瞄準醫療保健提供者。
James Beeson, CISO and IT risk leader at GE Capital Americas評價
“There is a significant increase in ransomware overall, but we1re also seeing the bad guys hone in on important operations like healthcare and fine tune their pricing to make it more cost effective for the victim to pay rather than fight,”
(3)雅虎確認大規模數據泄露
在某些報道成為史上對大規模數據泄露的事件中,互聯網新聞和搜索網站雅虎在9月份宣布,該公司近期開展的調查確認,攻擊者在2014年末從該公司網絡竊取了用戶賬戶信息。
據雅虎首席信息安全官Bob Load所說,失竊賬戶信息可能包括姓名、電子郵件地址、電話號碼、生日和其他數據。根據調查結果,雅虎懷疑至少有5億賬戶的相關信息失竊。
Apart from the number of records, what makes the Yahoo incident stand out is that the company was in the midst of being acquired by communications provider Verizon for $4.8 billion. News of the breach led to speculation about the potential impact on the transaction.
Beeson 評價
“Clearly it's become a major sticking point in the negotiation and serves to remind us all of the financial magnitude an account breach can have on a company,”
“I suspect it's also impacted the cycle time of the deal, which also costs both companies money.”
To make matters worse, in December Yahoo reported that data associated with more than 1 billion user accounts was stolen in August 2013. The incident is separate from the earlier breach Yahoo announced.
Stolen user data from the newer breach involves names, email addresses, phone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.
(4)美國大選中的黑客攻擊
美國民主黨全國委員會的電腦遭受攻擊,引發俄羅斯涉及黑客攻擊的猜測,并激起了對俄羅斯影響美國大選的擔憂。另外,維基解密公布了數千份從美國民主黨全國委員會竊取的電子郵件。
展望2017網絡安全形勢
(1)人工智能(Artificial Intelligence,AI)取得進展
今年,人工智能變得更加主流。隨著AI功能被嵌入到越來越多的設備,機器變得越來越智能。
各公司使用機器學習技術訓練機器人,使其具有更強的功能,執行更復雜的任務。數據分析和可視數據分析的進步為AI帶來了新維度。另外,用于語言處理的機器學習算法得到增強,使得人機交流更加簡單。
這一切都對安全有重大影響。
All of this has significant implications for security.
“AI has come a long way with machine learning technologies now capable of performing intelligent analysis of data and situations,” says Erkan Kahraman, CSO at Planview. “It’s also making an impact on the security industry, where we see more tools and solutions with AI capability, such as network intrusion detection with AI or advanced data analytics and behavior analysis powered by AI. Everything will be plus-AI in the future.”
(2)聚光燈下的區塊鏈
今年還發生了很多與區塊鏈——記錄所有已發生的比特幣交易的公開分類賬——相關的事件。這一數字分類賬可以在分布式網絡中的系統間共享。隨著區塊以線性、時間順序不停添加,這個分類賬在不斷增長。
區塊鏈使用加密技術令參與者能安全操作分類賬,而不需要一個中央權威。
Kahraman評價
“Blockchain itself is a technology with potential to transform our lives significantly, “
“It’s regarded as a ‘secure’ way to perform decentralized, peer-to-peer transactions due to the inherent transparency and availability it provides. This is great for public data or data which is meant to be seen by others. But we are only just exploring how to secure ledgers and transactions when it comes to proprietary and sensitive information in private blockchains.”
(3)機器人流程自動化(Robotic Process Automation,RPA)興起
對RPA工具的需求正在上升。這些工具使用軟件“機器人”來復制人類工作者的行為,比如數據輸入。機構可以配置RPA軟件來捕獲和翻譯現有業務應用程序的操作。
這類軟件可以自動地操作數據、與其他系統溝通并根據需要處理事務。與其他新技術一樣,RPA對安全也有影響。
Christina Critzer, senior vice president, Enterprise Shared Services as SunTrust.評價
“Where RPA is most effective is with standing up a center of excellence [COE] to assess and execute automation opportunities,”
“By its very nature the COE has the ability to cut across applications and teams to automate activities,”
“This challenges typical security models, which emphasize segregation of duties.”
(4)內部威脅的增長
長期以來,對內部威脅的處理一直是安全管理員的關注點,但這樣的關注似乎在增長。
來源:安全加
北京市公安局海淀分局備案號:11010802023656號