And nation state attacks – the first one we really discovered out in the open was in 2010, Stuxnet. But otherwise the past decade has been full of attacks that are trying to be as covert as possible. In the past decade, there was only one time we have seen this type of network worms, and that was the WannaCry, NotPetya, Bad Rabbit, because they managed to get the EternalBlue exploit that came from the NSA. Network worms for instance, they were very common. They were essentially going to almost everyone, like almost every email address that you can find, they spammed there. I started in 2003, and what I saw then was mass mailing worms. I’ve been in this industry for – should I tell my age? I’ve been in this industry for 17 years. So how was the past decade different from pre-2010? And even though GDPR today is only enforced for EU citizens, this has opened up the conversation in other places as well, for instance California, this year as well.Ībsolutely. The good thing as well was that when GDPR started to be enforced in 2018, then it’s like the people who owned this data got a little bit of the control back. And the stuff in the past ten years looked a little bit scarier from that perspective. But also in the data dumps, we lost more information than before.Įven like credit card numbers in the clear, in amounts that we hadn’t seen before. The attacks were more sophisticated than that as well. Yeah, I thought you were talking about just credential harvesting attacks or password spraying and that. Those were quite detrimental data dumps that affected more than 150 million people. There were even hacks, for instance the Equifax dump which included full names, birthdates, social security numbers. Beyond the typical credential attacks, credential theft, credential dumping – There were really big ones that were quite detrimental. And then there’s more and more breaches that are happening as well of the data that people have online, because there’s more and more online services being offered. And therefore there are proof of concepts trying to also exploit that area. So there’s also more and more artificial intelligence and machine learning being used. There was a rise in IoT devices, and therefore whenever there’s new technology arising there’s always new threats trying to exploit that new technology. It’s actually not very surprising because technology during the past decade was also all over the place. How would you describe the past decade in cyber, Christine?įor me, Janne, the past decade in cyber seems like it’s all over the place. En vergeet niet je te abonneren en een review achter te laten! Luister of lees hier verder voor het (engelse) transcript. En ze komt praten over hoe ver we zijn gekomen in die tien jaar. Van ‘nation state’ malware tot ransomware en Snowden. In aflevering 36 van Cyber Security Sauna vertelt Christine Bejerasco van F-Secure over de hoogtepunten van het afgelopen decennium. Maar het is ook de moeite waard om terug te kijken naar waar we vandaan komen en wat er is veranderd in infosec. 2020 markeert het begin van een nieuw decennium.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |