If we were to look back at some of the most important cyberattacks and cyber-risks that occurred so far in 2016, a mid-year review would very closely resemble Game of Thrones: full of conspiracies, betrayals, shameless pretend-to-be friends and unexpected turns of events – we might even end up believing that the cyber-world served as an inspiration for George R. Martin.

1. Cybersecurity winter is not coming…
Cybersecurity winter is already here.
WARNING, THIS ARTICLE CONTAINS SPOILERS.
If we were to look back at some of the most important cyberattacks and cyber-risks that occurred so far in 2016,
a mid-year review would very closely resemble Game of Thrones: full of conspiracies, betrayals, shameless
pretend-to-be friends and unexpected turns of events – we might even end up believing that the cyber-world
served as an inspiration for George R. Martin.
JANUARY: hacktivists and cyber-terrorists, plot masters
The beginning of this year was marked by a strong growth in hacktivism. According to Hackmageddon, 27.7%
of the overall cyber-attacks recorded in January were related to political or religious beliefs. The attack that got
the ball rolling: Anonymous versus the Thai police. Seeing how the local police of Thailand had unfairly sentenced
to death two foreigners for the murder of a pair of British tourists, Anonymous immediately blocked all access
to its website, leaving a single message on the home page: “Failed law. We want justice. #BoycottThailand “.
While this may somehow seem “fair”, we also find a large number of cyber-terrorists (clearly Valar
Morghulis advocates) hiding among these hacktivists. As any other community, cyber-terrorists have become
increasingly more organized (read our previous article on hacking business models here), putting their
technological know-how at the disposal of general disorder. Stingier than the plot masters of Westeros, without
any regard for existing criminal or moral laws, nothing can come in their way when it comes to achieving their
goals.

2. FEBRUARY: a wall cannot protect you against malware
The cyber-heist of the Central Bank of Bangladesh shook the financial sector to its core when a group of
hackers managed to steal $ 81 million (approximately € 71.5 million) without anyone even noticing. Debts
were certainly paid. The case became even more controversial when the details of the attack were published,
announcing that the international financial institution in question had not previously installed a firewall.
Cybersecurity experts from around the world lost it that day. Although a single “wall” would not have been
enough to keep the outsiders at bay (read our article on the limitations of a firewall here), it still is a basic
cybersecurity measure. As hackers’ favorite target, banking organizations should be the first ones to set up a
« shield » against external threats. Otherwise, nothing can prevent the wildings from coming in through the
front door.
MARCH: ransomware or the Ramsey Bolton of digital extortion
A month after the Hollywood Presbyterian Medical Center agreed to pay the ransom in order to unlock its
system and resume its activity (a rather important activity taking into account the “public”), hackers declared
opened the hunting season on US healthcare institutions. In March, MedStar Health went through a typical
“Boltonian” experience in digital torture when its network, linking together ten hospitals, was infected by a
ransomware (read our article on data hostage situations here).
Another lesson we learned that month: paying a ransom does not guarantee that hackers will keep their word.
Rickon should have probably read this article before placing his trust in Ramsey, don’t you
think? #PoorRickon
APRIL: an Apple backdoor will not hold without Hodor
After the shooting of San Bernardino, the FBI came into possession of one of the iPhones used by the
terrorists and asked Apple to develop a new version of its iOS (read our article on the FBiOS here), which
would enable them to bypass some key security features of the iPhone. And what do you think the CEO of
Apple replied? No backdoor without Hodor. No, seriously now, Tim Cook bluntly stated that the government
could ensure that the FBiOS would not fall into the wrong hands.
We were then emerged in a heated debate between the defenders of security and those of privacy – a similar
debate to that between the faith and the crown in Westeros (before Cersei’s other son – we never remember
his name – sides with the Septon). Each party was fighting for its rightful place on the Iron Throne, while the
real dilemma was not who holds the most power, but rather how to combine these two elements together.
Without wildfire to solve the issue, the question still remains.
MAY: the old ways are vulnerable against Daenerys’s dragons
When the masters attacked the City of Maureen, Dany defied them by asserting their need to “get rid of the

3. Those monitoring the digital pulse of things quickly realized that it’s high time to head towards a different
approach (“new ways”) if they want to stay in the game. To deal with advanced and unpredictable threats, one
must stray from conventional methods. If Daenerys had the courage to ride a dragon, we can expand the limits
of our imagination too.
JUNE: not aware = not immune to white walkers
Beginning of the month, DDoS (distributed denial of service) attacks wreaked havoc in the French press (see our
article on the latest incidents here). June revealed itself as more generous than the previous months, attacking
all pillars of free expression – social networks, for instance (see our article here). All this because of the lack of
knowledge (or perhaps, the lack of will?) with concern to cybersecurity best practices and emerging cyber-
threats.
How can we protect ourselves against an army of zombies (botnets or not) if 1. we do not have the right
weapons and 2. we do not want to admit their existence. Hmm … well, we probably wouldn’t even have time to
ask the question.
Our mid-year review ends here (phew, we were starting to run out of Game of Thrones references), with a small
token of advice: fiction is not just mere exaggeration, sometimes it is there to inspire us to go beyond what is
achievable in the present. It is with this vision that we developed Reveelium, with the aim of spending more on
predicting attacks rather than treating them. The end of the last GoT season says it all (we were wrong, here’s
another reference): the war is just beginning. We will need assets such as Bran and Melisandre to deal with the
enemies.
Link:
https://www.reveelium.com/en/cybersecurity-winter-is-not-coming/