Brussels, 08/01/2013 (Agence Europe) - On Tuesday 8 January, the European Network and Information Security Agency (ENISA) published a comprehensive cyber threat landscape analysis for 2012. The report, which identifies and enumerates the main cyber threats and their trends noted last year, concludes that “drive-by” exploits have become the top web threat. “This is the first and most comprehensive cyber threat analysis available to date and a point of reference for all cyber security policy makers and stakeholders”, ENISA President Udo Helmbrecht said.
The ENISA “Threat Landscape” report summarises 120 recent reports between 2011 and 2012 from the security industry, networks of excellence, standardisation bodies and other independent parties. It therefore gives a comprehensive synthesis of current cyber threats and new trends, listing the “top 10” threats in emerging technology areas. The areas considered for the analysis are: mobile computing, social media/technology, critical infrastructure, trust infrastructure, Cloud and Big Data.
The report identifies the top ten threats in decreasing order of risk: 1) drive-by exploits (malicious code injects to exploit web browser vulnerabilities); 2) worms/Trojans; 3) code injection attacks; 4) exploit kits (ready-to-use software package to automate cybercrime); 5) botnets (hijacked computers that are remotely controlled); 6) (distributed) denial of service attacks (DDoS/DoS); 7) phishing (fraud mails and websites); 8) compromising confidential information (data breaches); 9) rogueware/scareware; and 10) spam.
Finally, ENISA reaches a number of conclusions for industry and stakeholders on how to better fight cyber threats to business, citizens and the digital economy at large. It suggests, for example, that one could: - use a common terminology within threat reports; - include the end-user perspective; - develop use cases for threat landscapes; - collect security intelligence of incidents including starting point and target of an attack; - perform a shift in security controls to accommodate emerging threat trends; - collect and develop better evidence about attack vectors (methods) so as to understand attack workflows; - collect and develop better evidence on the impact reached by attackers; - and collect and maintain more qualitative information about threat agents. (IL/transl.jl)