The Emerging Cyber Threat Landscape
A new report by the EU’s cyber security agency, ENISA, has resulted in calls for cloud security to be bolstered after analysing the ways in which cyber criminals are likely to make use of the new data-storage platform to carry out their attacks.
The study, entitled ‘Threat Landscape: Responding to the Evolving Threat Environment‘, identifies and lists the top threats and their trends, and concludes that drive-by exploits have become the top web threat.
ENISA report identifies the following top cyber threats
- Drive-by exploits
- Code injection attacks
- Exploit kits
- Denial of Service
- Compromising confidential information
- Targetted attacks
- Physical theft/damage/loss
- Identity theft
- Abuse of information leakage
- Search engine poisoning
- Rougue certificates
- Corporations. This kind of threat refers to corporations/organizations/enterprises that adopt and/or are engaged in offensive tactics. Corporations can be considered as hostile threat agents their motivation is to build competitive advantage over competitors, who also make up their main target. Depending on their size and sector, corporations usually possess significant capabilities, ranging from technology up to human engineering intelligence, especially in their area of expertise.
- Cybercriminals. Cybercriminals are hostile by nature. Moreover, their motivation is financial gain and their skill level is, nowadays, quite high. Cybercriminals can be organized on a local, national or even international level. It should be taken as given, that a certain degree of networking between cybercriminals is being maintained.
- Employees. This category refers to the staff, contractors, operational staff or security guards of a company. They can have insider access to company’s resources and they are considered as both non-hostile threat agents (i.e. distracted employees) as well as hostile ones (i.e. disgruntled employees). This kind of threat agents possesses a significant amount of knowledge that allows them to place effective attacks against assets of their organization.
- Hacktivists. Hacktivism is a new trend in threat agents. Hacktivists are politically and socially motivated individuals that use computer systems in order to protest and promote their cause. Moreover, they are usually targeting high profile websites, corporations, intelligence agencies and military institutions.
- Nation States. Nation states can have offensive cyber capabilities and could potentially use them against an adversary. By their very nature and due to the importance of the means at their disposal, Nation States may present a threat in the area of cyber warfare.
- Terrorists. Terrorists have expanded their activities and engage also in cyber-attacks. Their motivation can be political or religious and their capability varies from low to high. Preferred targets of cyber terrorists are mostly critical infrastructures (e.g. public health, energy production, telecommunication etc.), as their failures causes severe impact in society and government. It has to be noted, that in the public material analysed, the profile of cyber terrorists still seems to be blurry.
Mobile computing and social technology are among the top emerging areas for possible targets for attacks. The emerging areas are:
- Mobile Computing: Covering several aspects of Consumerization of IT, BYOD (Bring Your Own Device) and mobile services, such as social networking, business applications and data, use of cloud services, interpersonal communication, voice, video, etc.
- Social Technology: Use of social media is one of the main activities performed by private users. Moreover social networking plays an increasingly significant role in businesses.
- Critical Infrastructures: This is an area that is definitely going to attract threat agents, as the impact of such an attack is big at all levels (society, government, national security, etc.).
- Trust Infrastructure: Attacks on the trust infrastructure break the chains of trust and generate very serious impact at many levels and application areas. Success of such attacks allows attackers to greatly enlarge their attack surfaces and targets.
- Cloud Computing: The proliferation of cloud computing and the sheer concentration of users and data on rather few logical locations are definitely an attractive target for future attacks.
- Big Data: Use of big data within businesses but also for the enhancement of security is already in discussion. On the other hand it is also expected that attackers are going to abuse big data in order to enhance their capabilities, collect intelligence, but also to better hide their attacks.