Hackers and defenders continue cybersecurity game of cat and mouse
Cybercriminals and government defenders involved in game of 'cat and mouse'.
The cyber arms race between hackers and the defenders of corporate networks continues apace.
Helmbrecht: "Identification of threats and their dynamics in cyber-space is key to understanding asset exposure and risks."
That's one of the main conclusions to come out of the fifth annual report from the EU Agency for Network and Information Security (ENISA), Europe's cybersecurity agency
Entitiled The Threat Landscape for 2015, the report features a number of observations, the main one being "the smooth advancement to maturity" of the information security market. As the report puts it, "while the friendly agents -- the good guys -- have demonstrated increased cooperation and orchestrated reaction to cyber-threats, [the] hostile agents -- the bad guys -- have advanced their malicious tools with obfuscation, stealthiness, and striking power".
The report said that while defenders have improved their ability to tackle attacks and take down cybercrime infrastructures, their adversaries have achieved considerable advances too in a year without high-profile security incidents. "Cyber-threat agents have had the tranquility and resources to implement a series of advancements in malicious practices," it warned, including the ability to perform persistent attacks based on hardware, far below the radar of available defence tools and methods.
Cyber criminals have also been working on the provision of "cyber-crime-as-a-service", by developing tools for nonexperts (and affiliate programmes), plus broadening the attack surface to include routers, firmware, and the Internet of Things.
To help IT managers formulate security strategies, EINSA has listed the top 15 threats (see the full report for more details):
- Malware,
- Wed-based attacks,
- Web application attacks,
- Botnets,
- Denial of Service,
- Physical damage, theft or loss,
- Threats from insiders,
- Phishing,
- Spam,
- Exploit Kits,
- Data Breaches,
- Identity Theft,
- Information Leakage,
- Ransomware, and
- Cyber espionage
If you compare the list above with the list from 2014, you will see that after the top 5 the differences begin.
- Malicious Code: Worms and Trojans,
- Web-based attacks,
- Web application attacks,
- Botnets,
- Denial of Sevice,
- Spam,
- Phishing,
- Exploit Kits,
- Data Breaches,
- Physical damage, theft or loss,
- Insider Threats,
- Information leakage,
- Identity theft/fraud,
- Cyber espionage, and
- Ransomeware, Rogueware and Scareware.
Spam is not deemed as significant a threat in 2015 as it was in the previous year, while physical damage, theft, or loss is seen as a bigger threat (this does not mean that spam is less of an issue now than it was previously, just that its perception as a risk has fallen).
ENISA's executive director, Udo Helmbrecht, underlined the need for communication and co-operative action in the battle against cybercrime. "Identification of threats and their dynamics in cyber-space is key to understanding asset exposure and risks," he said.
"It is an important piece of knowledge that allows for understanding protection requirements, raising awareness and allowing for a better, yet more efficient assessment of risks."
ENISA will continue to provide strategic information on combating threats, Helmbrecht said, and, "together with the thematic landscapes, this work is a source providing both strategic and tactical intelligence on cyber-threats".
Read more about cybersecurity:
Online attacks continue to climb driven by rise in DDoS
US auditors slam Homeland Security's $5.7bn Einstein firewall: But are they missing the point?
$500 zero-day ransomware attack takes council offline for nearly a week