2016 Cybersecurity Incidents in Review and the Outlook for Cybersecurity in 2017
  • Views: 7042     Published: 2016-12-21 19:51:00
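There have been plenty of year-end roundups lately. A number of high-profile data breaches affected large numbers of users, and technology developments are bound to shake up the market over the next few years. Based on the views of security and IT executives, CSOOnline has identified some of the more noteworthy trends. Will the cybersecurity incidents of 2017 fall in these areas?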


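2016 Cybersecurity Incidents in Review

(1) DNS incident takes internet sites offline

In late October, Dyn, an infrastructure provider that offers managed DNS services, was attacked, and many internet sites (including some of the largest) subsequently went offline.

This DDoS attack affected users across much of the US East Coast, as well as data centers in Texas, Washington and California. According to a statement released by Dyn, tens of millions of IP addresses attacked its infrastructure.

Barr Snyderwine, director of information systems and technology at Hargrove, commented: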

“The DNS attack was interesting in that it made all levels of [our] company aware that security-driven changes to our DNS and internet access were made in order to avoid such denial of service,”

“It also made all users aware that security is important,” Snyderwine says. “Users have to be aware that every device is a potential risk and that it can impact their own jobs. Our security phishing training we provided just the previous month is serious business. In fact, many people said it helped them at home and work.”

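(2) Ransomware attacks on the rise

In 2016, ransomware attacks became more common across all industries. But the healthcare industry easily became the biggest target for such attacks. Following several successful high-profile attacks on hospitals, cybercriminals are increasingly targeting healthcare providers.

James Beeson, CISO and IT risk leader at GE Capital Americas, commented: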

“There is a significant increase in ransomware overall, but we're also seeing the bad guys hone in on important operations like healthcare and fine tune their pricing to make it more cost effective for the victim to pay rather than fight,”

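(3) Yahoo confirms massive data breach

In what some reports called the largest data breach in history, internet news and search site Yahoo announced in September that a recent investigation by the company had confirmed that attackers stole user account information from its network in late 2014.

According to Yahoo chief information security officer Bob Lord, the stolen account information may include names, email addresses, telephone numbers, dates of birth and other data. Based on the investigation's findings, Yahoo suspects that information associated with at least 500 million accounts was stolen.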

Apart from the number of records, what makes the Yahoo incident stand out is that the company was in the midst of being acquired by communications provider Verizon for $4.8 billion. News of the breach led to speculation about the potential impact on the transaction.

Beeson commented:

“Clearly it's become a major sticking point in the negotiation and serves to remind us all of the financial magnitude an account breach can have on a company,”

“I suspect it's also impacted the cycle time of the deal, which also costs both companies money.”

To make matters worse, in December Yahoo reported that data associated with more than 1 billion user accounts was stolen in August 2013. The incident is separate from the earlier breach Yahoo announced.

Stolen user data from the newer breach involves names, email addresses, phone numbers, dates of birth, and hashed passwords using an aging algorithm known as MD5 that can be cracked.

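(4) Hacking in the US election

Computers at the US Democratic National Committee were attacked, prompting speculation about Russian involvement in the hacking and raising concerns about Russian influence on the US election. In addition, WikiLeaks published thousands of emails stolen from the Democratic National Committee.

Cybersecurity Outlook for 2017

(1) Artificial intelligence (AI) makes progress

This year, artificial intelligence became more mainstream. As AI capabilities are embedded in more and more devices, machines are getting smarter.

Companies are using machine learning techniques to train robots so that they have greater capabilities and can perform more complex tasks. Advances in data analytics and visual data analytics have brought new dimensions to AI. In addition, machine learning algorithms for language processing have been enhanced, making human-machine communication easier.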

All of this has significant implications for security.

“AI has come a long way with machine learning technologies now capable of performing intelligent analysis of data and situations,” says Erkan Kahraman, CSO at Planview. “It’s also making an impact on the security industry, where we see more tools and solutions with AI capability, such as network intrusion detection with AI or advanced data analytics and behavior analysis powered by AI. Everything will be plus-AI in the future.”

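(2) Blockchain in the spotlight

This year also saw a lot of activity around blockchain, the public ledger that records all Bitcoin transactions that have taken place. This digital ledger can be shared among systems in a distributed network. As blocks are continually added in linear, chronological order, the ledger keeps growing.

Blockchain uses cryptography to let participants operate on the ledger securely without the need for a central authority.

Kahraman commented:

“Blockchain itself is a technology with potential to transform our lives significantly,”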

“It’s regarded as a ‘secure’ way to perform decentralized, peer-to-peer transactions due to the inherent transparency and availability it provides. This is great for public data or data which is meant to be seen by others. But we are only just exploring how to secure ledgers and transactions when it comes to proprietary and sensitive information in private blockchains.”

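(3) The rise of robotic process automation (RPA)

Demand for RPA tools is rising. These tools use software "robots" to replicate the actions of human workers, such as data entry. Organizations can configure RPA software to capture and interpret the operations of existing business applications.

This kind of software can automatically manipulate data, communicate with other systems and process transactions as needed. Like other new technologies, RPA has security implications.

Christina Critzer, senior vice president, Enterprise Shared Services at SunTrust, commented: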

“Where RPA is most effective is with standing up a center of excellence [COE] to assess and execute automation opportunities,”

“By its very nature the COE has the ability to cut across applications and teams to automate activities,”

“This challenges typical security models, which emphasize segregation of duties.”

(4) Growth of insider threats

Dealing with insider threats has long been a focus for security administrators, but that focus appears to be growing.


Source: 安全加
