Top cyber security agency in the European Union, ENISA, just released its Cyber Threat Landscape for 2012, a report analyzing over 120 threats reported from 2011 to 2012. This marks the first, as well as the most comprehensive of any such analyses to come from ENISA or within the EU, and it contains important information that could change the way the region responds to (and prepares for) cyber threats in the future.
One finding in the report is a spike in what are known as “drive-by exploits,” and they are now classified as the foremost Web threat facing the EU. A drive-by exploit is basically when a malicious code is injected to exploit a Web browser’s vulnerabilities. This type of threat can cause a lot of damage, and now it is receiving much needed attention from cyber security companies and potential victims on the Web, as a result of ENISA’s Cyber Threat Landscape 2012 release.
ENISA’s executive director Professor, Udo Helmbrecht praised his company on this report, the first of its kind, and commented on the implications of this first-ever Cyber Threat Landscape analysis.
“I am proud that the Agency undertakes this important work to better understand the composition of the current cyber threats,” said Helmbrecht. “This is the first and most comprehensive Cyber Threat Analysis available to date and a point of reference for all cyber security policy makers, and stakeholders.”
The threats summarized in the report come from a number of sources, including those in the security industry, various networks of excellence, standardization bodies, and many other independent parties, all of whom experienced some type of cyber threat incident over the period of 2011 to 2012.
Not only does the report clarify the top Web threats in the EU currently, but enables those in the cyber security business to get ahead of the trends and better prepare for coming attacks.
Additionally, this report may help characterize just exactly who is behind cyber threats, and help figure out how to catch them.
The report outlines the top 10 threats, out of a total of 16, in the categories of Mobile Computing, Social Media/Technology, Critical Infrastructure, Trust Infrastructures, Cloud, and Big Data.
Drive-by exploits are the number one threat as of now, followed by worms/trojans, code injection attacks, exploit kits and botnets. Exploit kits are ready-to-use software packages which automate cybercrime, while botnets are hijacked computers that are remotely controlled. These types of cyber threats were virtually unknown 10 years ago, and now they have crawled up the list and taken their spots as serious threats that need to be dealt with, and fast.
Other threats on the list include distributed denial of service attacks, phishing (the popular term for fraudulent emails and websites), confidential data breaches, rogueware or scareware, and finally a more common one: spam.
The Cyber Threat Landscape 2012 is not the only contribution ENISA has made to the cyber security business this year, however.
The company does not plan only to report on the issues at hand, but take an active role in combating them as well. According to ENISA, to help stop these common cyber threats, cyber security companies and stakeholders are encouraged to use a common terminology within their threat reports, shift their security controls to better resist emerging threat trends, and collect and develop better evidence about attack methods, attack workflows, the impact attackers have, and any information that can be gathered on individual threat agents.
For the full report, with a more in-depth look at the state of cyber security in the EU over the past year, as well as substantial conclusions made by ENISA based on the gathered data, click here.
Want to learn more about the latest in communications and technology? Then be sure to attend ITEXPO Miami 2013, Jan 29- Feb. 1 in Miami, Florida. Stay in touch with everything happening at ITEXPO (News - Alert). Follow us on Twitter.
Edited by Brooke Neuman