Our friends at the European Union Agency for Network and Information Security (ENISA) published the ENISA Threat Landscape 2014 on 27 January 2015. The report includes some details on developments made in 2014 relative to the top cyber threats and emerging threat trends - mainly in the cyber arena.
You can download a free copy of the report at: http://www.enisa.europa.eu/activities/risk-management/evolving-threat-environment/enisa-threat-landscape/enisa-threat-landscape-2014
From the Executive Summary of the report, below are some of the "positives and negatives" of today's cyber threat landscape from ENISA's point of view.
Many of the changes in the top threats can be attributed to successful law enforcement operations and mobilisation of the cyber-security community (bolding by Ernie Hayden):
- The take down of GameOver Zeus botnet has almost immediately stopped infection campaigns and Command and Control communication with infected machines.
- Last year’s arrest of the developers of Blackhole has shown its effect in 2014 when use of the exploit kit has been massively reduced.
- NTP-based reflection within DDoS attacks are declining as a result of a reduction of infected servers. This in turn was due to awareness raising efforts within the security community.
- SQL injection, one of the main tools used to compromise web sites, is on the decline due to a broader understanding of the issue in the web development community.
- Taking off-line Silk Road 2 and another 400 hidden services in the dark net has created a shock in TOR community, both at the attackers and TOR users ends.
But there is a dark side of the threat landscape of 2014:
- SSL and TLS, the core security protocols of the internet have been under massive stress, after a number of incidents have unveiled significant flaws in their implementation.
- 2014 can be called the year of data breach. The massive data breaches that have been identified demonstrate how effectively cyber threat agents abuse security weaknesses of businesses and governments.
- A vulnerability found in the BASH shell may have a long term impact on a large number of components using older versions, often implemented as embedded software.
- Privacy violations, revealed through media reports on surveillance practices have weakened the trust of users in the internet and e-services in general.
- Increased sophistication and advances in targeted campaigns have demonstrated new qualities of attacks, thus increasing efficiency and evasion through security defences.
The report does include a summary table of trends (Page 4) that the reader may find useful. A copy of the table is shown below with some highlights on the areas declining and a note about ransomware.
Lastly, one area the report raises as a new focus is "Cyber-Physical Systems." These are engineered systems that interact with computing equipment and are integrated to control, manage and optimize physical processes. The areas of concern they mention are power supply, medical systems/healthcare, industrial systems and manufacturing, transportation, telecommunication, etc. The report includes a table (below) of the Top Emerging (Preliminary) Threats to CPS (Page 67):
Overall, the report is of excellent quality and is a useful summary of the cyber issues of 2014.