The big rising threats for this year include:
Ransomware – Computing devices are locked and encrypted, usually through a clicked link
or installed malware.
今年日益严重的威胁包括:勒索软件——计算设备被锁定和加密,通常通过点击链接或安装恶意软件。
The users are threatened, if they don’t pay, by a certain time, files will start to
be deleted.
用户受到威胁,如果他们不付款,在一定的时间内,文件将开始被删除。
Paying for the decryption key encourages ransomware artists to continue,
funds future activities of these adversaries,
and doesn’t even guarantee that a key will be sent,
or if sent will even work.
支付解密密钥的费用会鼓励勒索软件艺术家继续下去,为这些对手的未来活动提供资金,甚至不能保证密钥会被发送,或者如果发送的话,密钥甚至会起作用。
An IBM Study reported 4,000 ransomware attacks were unleashed each day of 2016,
more than four times the number in 2015.
IBM的一项研究报告显示,2016年每天有4000起勒索软件攻击事件发生,是2015年的四倍多。
This is expected to rise even more in 2017.
预计2017年这一数字将进一步上升。
Integrity – Sabotaging data is also being hailed as a major source of cybersecurity
problems in 2017.
破坏数据完整性也被誉为2017年网络安全问题的一个主要来源。
Hackers, while they certainly have gone after the confidentiality in a prolific rate the
last few years,
will now throw doubt and confusion into the accuracy and reliability of information,
affecting decisions made in both the public and private sectors.
黑客虽然在过去几年里确实以很高的速度追求保密,但现在他们将对信息的准确性和可靠性产生怀疑和困惑,影响公共和私营部门的决策。
Data will be changed.
数据将被更改。
Cyberattacks involving integrity won’t necessarily be after a specific company,
but will be done to just eliminate any form of trust.
涉及诚信的网络攻击不一定针对某个特定的公司,只是为了消除任何形式的信任。
People won’t know what’s real and what’s fake anymore.
人们不再知道什么是真的,什么是假的。
The stock market, banks, laboratories, and lots of publicly traded companies therefore
have much to lose.
因此,股市、银行、实验室和许多上市公司将损失惨重。
Accounts will be added to systems.
帐户将被添加到系统中。
How can you determine if an account is a rogue account part of an attack, or a legitimate
one?
您如何确定一个帐户是攻击中的流氓帐户,还是合法帐户?
How can you keep an attacker from observing your network,
if he has a legitimate (self-created) account on the network?
如果攻击者在网络上有合法的(自创建的)帐户,您如何阻止他观察您的网络?
Attackers spend hundreds of days undetected inside of networks as it is right now.
攻击者在网络内部花费了数百天时间而未被发现,就像现在这样。
Integrity attacks could make it years of not being detected or in some cases, hackers could
stay in networks indefinitely!
完整性攻击可能使其多年未被发现,或者在某些情况下,黑客可能无限期地留在网络中!
Additional Resources
For a look at some of the things to expect in the coming year, read this article that I am featured in: Security 2019 Predictions (Part 8), Tom Smith, DZone
Here are some other articles on the current threat environment:
- The 5 Biggest Cybersecurity Threats of 2019 Revealed, Luke James, Make Use Of
- 9 cyber security predictions for 2019, CSO
- 2019 Cybersecurity Predictions: Privacy, Doug Olenick, SC Media
- Cyber Security Predictions: 2019 and Beyond, Dr. Hugh Thompson and Steve Trilling, Symantec
- Top ten cybersecurity predictions for 2019, Ian Kilpatrick,TechRadar
- 额外的资源
要了解未来一年的一些预期,请阅读我在《安全2019年预测》(第8部分)中发表的这篇文章
以下是关于当前威胁环境的其他一些文章:
2019年5大网络安全威胁被揭露,卢克·詹姆斯利用
2019年的网络安全预测
2019年网络安全预测:隐私,Doug Olenick, SC Media
网络安全预测:2019年及以后,休·汤普森博士和史蒂夫·特里林,赛门铁克
《科技雷达》伊恩·基尔帕特里克,2019年十大网络安全预测