最近的總結帖頗多，一些引人注目的數據泄露事件影響了大量用戶(hù)和技術(shù)發(fā)展，必將給未來(lái)幾年的市場(chǎng)帶來(lái)沖擊。CSOOnline根據安全和IT主管的看法，給出了一些更值得注意的發(fā)展趨勢。2017年網(wǎng)絡(luò )安全事件是不是會(huì )在這些方面呢？

2016網(wǎng)絡(luò )安全事件回顧

（1）DNS事件導致互聯(lián)網(wǎng)網(wǎng)站下線(xiàn)

10月末，提提供受管DNS服務(wù)的基礎設施提供商Dyn被攻擊，隨后許多互聯(lián)網(wǎng)網(wǎng)站（包括一些最大的網(wǎng)站）下線(xiàn)。

這次DDoS攻擊事件影響了美國東海岸大部分地區的用戶(hù)，以及德克薩斯、華盛頓和加利福尼亞的數據中心。根據Dyn發(fā)布的聲明，幾千萬(wàn)個(gè)IP地址向它的基礎設施發(fā)動(dòng)了攻擊。

Barr Snyderwine, director of information systems and technology at Hargrove 評價(jià)

“The DNS attack was interesting in that it made all levels of [our] company aware that security-driven changes to our DNS and internet access were made in order to avoid such denial of service,”

“It also made all users aware that security is important,” Snyderwine says. “Users have to be aware that every device is a potential risk and that it can impact their own jobs. Our security phishing training we provided just the previous month is serious business. In fact, many people said it helped them at home and work.”

（2）勒索軟件攻擊增多

2016年，勒索軟件攻擊在所有行業(yè)都變得更常見(jiàn)。但醫療保健行業(yè)輕松成為這類(lèi)攻擊的最大目標。隨著(zhù)多次高調攻擊醫院成功，網(wǎng)絡(luò )罪犯越來(lái)越多地瞄準醫療保健提供者。

James Beeson, CISO and IT risk leader at GE Capital Americas評價(jià)

“There is a significant increase in ransomware overall, but we1re also seeing the bad guys hone in on important operations like healthcare and fine tune their pricing to make it more cost effective for the victim to pay rather than fight,”

（3）雅虎確認大規模數據泄露

在某些報道成為史上對大規模數據泄露的事件中，互聯(lián)網(wǎng)新聞和搜索網(wǎng)站雅虎在9月份宣布，該公司近期開(kāi)展的調查確認，攻擊者在2014年末從該公司網(wǎng)絡(luò )竊取了用戶(hù)賬戶(hù)信息。

據雅虎首席信息安全官Bob Load所說(shuō)，失竊賬戶(hù)信息可能包括姓名、電子郵件地址、電話(huà)號碼、生日和其他數據。根據調查結果，雅虎懷疑至少有5億賬戶(hù)的相關(guān)信息失竊。

Apart from the number of records, what makes the Yahoo incident stand out is that the company was in the midst of being acquired by communications provider Verizon for $4.8 billion. News of the breach led to speculation about the potential impact on the transaction.

Beeson 評價(jià)

“Clearly it's become a major sticking point in the negotiation and serves to remind us all of the financial magnitude an account breach can have on a company,”

“I suspect it's also impacted the cycle time of the deal, which also costs both companies money.”

To make matters worse, in December Yahoo reported that data associated with more than 1 billion user accounts was stolen in August 2013. The incident is separate from the earlier breach Yahoo announced.

Stolen user data from the newer breach involves names, email addresses, phone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.

（4）美國大選中的黑客攻擊

美國民主黨全國委員會(huì )的電腦遭受攻擊，引發(fā)俄羅斯涉及黑客攻擊的猜測，并激起了對俄羅斯影響美國大選的擔憂(yōu)。另外，維基解密公布了數千份從美國民主黨全國委員會(huì )竊取的電子郵件。

展望2017網(wǎng)絡(luò )安全形勢

（1）人工智能（Artificial Intelligence，AI）取得進(jìn)展

今年，人工智能變得更加主流。隨著(zhù)AI功能被嵌入到越來(lái)越多的設備，機器變得越來(lái)越智能。

各公司使用機器學(xué)習技術(shù)訓練機器人，使其具有更強的功能，執行更復雜的任務(wù)。數據分析和可視數據分析的進(jìn)步為AI帶來(lái)了新維度。另外，用于語(yǔ)言處理的機器學(xué)習算法得到增強，使得人機交流更加簡(jiǎn)單。

這一切都對安全有重大影響。

All of this has significant implications for security.

“AI has come a long way with machine learning technologies now capable of performing intelligent analysis of data and situations,” says Erkan Kahraman, CSO at Planview. “It’s also making an impact on the security industry, where we see more tools and solutions with AI capability, such as network intrusion detection with AI or advanced data analytics and behavior analysis powered by AI. Everything will be plus-AI in the future.”

（2）聚光燈下的區塊鏈

今年還發(fā)生了很多與區塊鏈——記錄所有已發(fā)生的比特幣交易的公開(kāi)分類(lèi)賬——相關(guān)的事件。這一數字分類(lèi)賬可以在分布式網(wǎng)絡(luò )中的系統間共享。隨著(zhù)區塊以線(xiàn)性、時(shí)間順序不停添加，這個(gè)分類(lèi)賬在不斷增長(cháng)。

區塊鏈使用加密技術(shù)令參與者能安全操作分類(lèi)賬，而不需要一個(gè)中央權威。

Kahraman評價(jià)

“Blockchain itself is a technology with potential to transform our lives significantly, “

“It’s regarded as a ‘secure’ way to perform decentralized, peer-to-peer transactions due to the inherent transparency and availability it provides. This is great for public data or data which is meant to be seen by others. But we are only just exploring how to secure ledgers and transactions when it comes to proprietary and sensitive information in private blockchains.”

（3）機器人流程自動(dòng)化（Robotic Process Automation，RPA）興起

對RPA工具的需求正在上升。這些工具使用軟件“機器人”來(lái)復制人類(lèi)工作者的行為，比如數據輸入。機構可以配置RPA軟件來(lái)捕獲和翻譯現有業(yè)務(wù)應用程序的操作。

這類(lèi)軟件可以自動(dòng)地操作數據、與其他系統溝通并根據需要處理事務(wù)。與其他新技術(shù)一樣，RPA對安全也有影響。

Christina Critzer, senior vice president, Enterprise Shared Services as SunTrust.評價(jià)

“Where RPA is most effective is with standing up a center of excellence [COE] to assess and execute automation opportunities,”

“By its very nature the COE has the ability to cut across applications and teams to automate activities,”

“This challenges typical security models, which emphasize segregation of duties.”

（4）內部威脅的增長(cháng)

長(cháng)期以來(lái)，對內部威脅的處理一直是安全管理員的關(guān)注點(diǎn)，但這樣的關(guān)注似乎在增長(cháng)。

來(lái)源：安全加