ENISA report on top cyber threats
ENISA presented its list of top cyber threats, as a first “taste” of its interim Threat Landscape 2013 report. The study analyses 50 reports, and identifies an increase in threats to: infrastructure through targeted attacks; mobile devices; and social media identity thefts carried out by cyber-criminals over cloud services.
Some key trends identified in the study are:
- Cyber-criminals increasingly using advanced methods to implement attack techniques (vectors) that are non-traceable and difficult to take down. Anonymisation technologies and peer-to peer systems (so called distributed technologies) play an important role in this. It is clear that mobile technology is increasingly exploited by cyber-criminals. Threats of all kinds that were encountered in the more traditional arena of IT will affect mobile devices and the services available on these platforms.
- The wide spread of mobile devices leads to an amplification of abuse based on knowledge/attack methods targeting social media.
- The availability of malware and cyber-hacking tools and services, together with digital currencies (e.g. Bitcoins) and anonymous payment services is opening up new avenues for cyber-fraud and criminal activity.
- There is a real possibility of large impact events when attacks combining various threats are successfully launched.
- As reported by ENISA in its report on major cyber attacks (2013/07/20), cyber-attack is the sixth most important cause of outages in telecommunication infrastructures, and it impacts upon a considerable number of users. Taking into account these incidents, and denial of service threat developments, we observe an increase in infrastructure threats in 2013.
The study identifies the following top threats with major impact since 2012.
Drive-by-exploits: browser-based attacks still remain the most reported threats, and Java remains the most exploited software for this kind of threat.
Code Injection: attacks are notably popular against web site Content Management Systems (CMSs). Due to their wide use, popular CMSs constitute a considerable attack surface that has drawn the attention of cyber-criminals. Cloud service provider networks are increasingly used to host tools for automated attacks.
Botnets, Denial of Services, Rogueware/Scareware, Targeted Attack, Identity Theft and Search Engine Poisoning are the other trending threats.
The complete report is available here.