“The story that was most curious to me was the surprise announcement in May by the authors of the Teslacrypt ransomware. They posted a short and simple message that they shut down their ‘project’ and they released the master decryption key. While there is plenty of speculation about why the authors did this, it still remains a mystery what caused the demise of Teslacrypt.”
-BOB COVELLO @bobcovello
“The Mirai botnet, made up of hundreds of thousands of compromised poorly-secured IoT devices, bringing down a DNS service and – as a result – making many of the world’s most popular websites utterly inaccessible.”
-GRAHAM CLULEY @gcluley
“Nothing has defined 2016 for the security community quite like Locky …. Given its sharing of infrastructure with one of the most persistent banking trojans in the wild, not to mention the current lack of decryptor, the ransomware will likely continue to make waves and prey upon unsuspecting users for years to come.”
-DAVID BISSON @davidmbisson
“In my opinion, the biggest battle has been for privacy. We’ve seen recent laws … that have created legislation to give governments sweeping power, [concerning] privacy advocates. Along these lines, we also watched a debate between the FBI and Apple in regards to a backdoor being requested to their iPhones. Digital privacy will continue taking a bigger role in the news, and I think we’ll see encryption and privacy techniques built into software as a response.”
-MATT PASCUCCI @matthewpascucci
“I can’t forget the Dyn attack that happened this October. Attacking a major DNS provider is catastrophic because it allows for phishing websites to succeed, which can lead to man-in-the-middle attacks, credential theft and malware infection .... Corporations online must focus on having lots of redundancy in DNS providers.”
-KIM CRAWLEY @kim_crawley
“The most memorable events of the year will prove to be the transfer of the Internet’s DNS to Internet Corporation for Assigned Names and Numbers (ICANN), the growth in number of Internet-connected devices (IoT) and continued growth of exploitation platforms like the Mirai botnet. Easy access to tools like Mirai make it easy for emotionally- and ethically-deprived actors to wreak economic havoc on unsuspecting targets.”
-JIM NITTERAUER @jnitterauer
“I find the attack from the Mirai botnet to be the most notable event of 2016 …. This was certainly an excellent example of why redundancy and the main plans – disaster recovery, business continuity and incident response – are vital to every business.”
-JOE GRAY @c_3pjoe
“I’ve been looking at insider threats more closely this year. In a nutshell: it only takes a few minutes to post company data for sale on the Dark Web. Once the information is posted – there is no going back. Whether it is via a disgruntled employee or a compromised account – internal information offered in the underground can bring a company to its knees.”
-BEV ROBB @teksquisite
“Recently, I was the target of a phishing campaign. The attacker sent me an email saying my MS Outlook mailbox could no longer send messages because it was too large .... This email stopped me in my tracks because I regularly do exceed the allowed size of my mailbox. Attackers are getting much better at manipulating us with carefully-constructed messages that appear legitimate. I think their skill has improved dramatically in the past year, forcing us to be ever more vigilant to prevent serious problems.”
-DAVID JAMIESON @dhjamieson