IBM Security's 11 Predictions for 2020 (Chinese translation)

IBM X-Force Security Predictions for 2020

Article published December 17, 2019

With 2019 coming to a close, it’s time to reflect on the year and also look at what the new year will bring.


This year, we saw attackers set their sights on cities and government entities, hitting more than 100 cities in the U.S. with ransomware. These attacks weren’t cheap, either — recovery costs ran into the millions.


We also saw several very large data breaches across the globe. From social media sites to fitness, gaming and even genealogy firms — 2019 was a treasure trove of compromised data.


Cybercrime gangs such as Evil Corp, which deploys BitPaymer, and the Gootkit operators, who dropped MegaCortex, made headlines with targeted ransomware attacks.


Trickbot took this ‘big game hunting’ to another level when it hit the tech provider of nursing homes in the US and demanded a $14 million ransom.


So what lies ahead in 2020? How will the cybercrime threat landscape change and evolve?


11 Security Predictions for 2020


I’ve pulled together my own predictions as well as insights and predictions from experts in IBM X-Force on what may be in store for us in 2020, including predictions on changing ransomware tactics, emerging nation-state actors, bias in artificial intelligence (AI) and more.

This collects Limor Kessem's own predictions together with insights and predictions from IBM X-Force experts on security in 2020, including predictions about changing ransomware tactics, emerging nation-state actors, artificial intelligence (AI) bias and more.

1. Banking Trojan Operators Will Change Focus

“Organized cybercrime gangs from the banking Trojan realms got the hang of multi-million-dollar fraud. But that’s a lot of ‘marked money’ to move around. Their answer is clear: migrating toward targeted ransomware operations, aiming to demand millions of dollars in ransom — all in bitcoin. Easier to anonymize, easier to launder, and less sharing of illicit profits with street gangs that launder bank fraud proceeds.” — Limor Kessem, IBM Security


2. Ransomware and Extortion Will Become One and the Same

“With more organizations refusing to pay elevated ransom demands, attackers wielding ransomware will resort to other modes of extortion. I anticipate an increase in the exfiltration and leaking of data if payment is not made. Will this sort of pressure make organizations pay up? We will also have to see how regulators address the types of attacks in the way they view reporting timelines.” — Limor Kessem, IBM Security


3. Destructive Attacks Will Spread

“Attacks using destructive malware or repurposing crypto-malware for disruption have been notoriously focused in the Middle East, but these attacks will spread into other regions, including North America and Europe, calling on organizations to overhaul their incident response plans and drilling.” — Limor Kessem, IBM Security


4. We Will See DDoS Attacks via Privacy Requests

“Taking advantage of new privacy regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA), motivated activists and attackers will flood companies with individual rights requests either as punishment for controversial views or as a distraction as a prelude to an attack. These rights, built into the regulations to allow you to request all the information a company has related to you, are a potential unintended attack vector that will be difficult to manage without proper processes in place to handle such requests at scale.” — Cindy Compert, IBM Security


5. Devolving Cyber Power

“Countries like India, Pakistan and Vietnam will emerge among the ‘Big Four’ nation-state actors and use cyberattacks for espionage and intimidation. Their operations will use well-known hacking tools to exploit common unpatched vulnerabilities as well as ransomware to infiltrate regional adversaries and locally operated organizations.” — Wendi Whitmore, IBM X-Force Incident Response and Intelligence Services (IRIS)



6. Cybercrime and Nation-State Attacks Converge

“We suspected the connection between hostile nation-state interest and financial motivation in 2017 when WannaCry attacks that spread like wildfire across the globe were attributed to North Korea. This convergence will be proven in 2020 with more nation-state actors launching financially-motivated attacks and even collaborating with known cybercrime groups from other regimes.” — Limor Kessem, IBM Security


7. As Cybersecurity AI Adoption Expands, Concerns Around AI Bias Will Grow

As IBM Security’s Aarti Borkar told Forbes, “As security teams’ use of AI continues to grow, they’ll need to monitor and manage for potential bias in their AI models to avoid security blind spots that result in missed threats or more false positives. One way to help prevent bias within AI is to establish cognitive diversity — diversity in the computer scientists developing the AI model, the data feeding it and the security teams influencing it.”


8. Broadening Hacker Horizons

“Criminals will continue to broaden their horizons from traditional network- and application-level attacks to hardware and embedded devices. IT security teams should look to increase hardware and embedded devices testing.” — Charles Henderson, X-Force Red


9. A Shift to Monetize Non-Currency Assets

“As we continue to move to a subscription economy, we also move to subscription attackers. Targeting of loyalty programs and offerings with a ‘same as cash equivalent’ will continue to increase. These may include gift cards, prepaid phone cards or other easily transferable assets or subscriptions so that criminals can consume the items quickly before being detected.” — Charles Henderson, X-Force Red


10. SMS-Based Authentication Will Lose Viability

“With the growth and ease of high-profile SIM swapping attacks in 2019, organizations will step away from relying on SMS-based authentication for security, moving toward app-based authentication.” — Dustin Heywood, X-Force Red


11. Cybersecurity Will Begin “Opening Up”

“The existing security tools sprawl that has been weighing down the industry for years will give way to a modern ‘school of thought’ in security whereby open standards combined with cloud maturity will enable more open security ecosystems. Companies will demand security solutions that not only connect workloads and data across clouds and on-prem infrastructure in a simple and open manner, but also allow businesses to leave their data wherever they want it to reside. This demand will lead the industry to rally behind open, common, open-source tooling.” — Aarti Borkar, IBM Security


Translated by Zheng Lei, New Year's Day 2020. Contact via LinkedIn.
