ENISA identifies Top Cyber-Threats

ENISA identifies Top Cyber-Threats

The EU´s cyber security agency ENISA has published the first Cyber Threat Landscape analysis of 2012, summarizing 120 recent reports from 2011 and 2012 from the security industry, networks of excellence, standardization bodies and other independent parties.
That makes this report the world’s most comprehensive synthesis presently available.

The report identifies and lists the top cyber-threats and their trends. They are:

- Drive-by exploits (malicious code injects to exploit web browser vulnerabilities);
- Worms/trojans;
- Code injection attacks;
- Exploit kits (ready to use software package to automate cybercrime);
- Botnets (hijacked computers that are remotely controlled);
- (Distributed) Denial of Service attacks (DDoS/DoS);
- Phishing (fraud mails and websites);
- Compromising confidential information (data breaches);
- Rogueware/scareware;
- Spam.

Finally, the Agency makes a number of conclusions for industry and stakeholders on how to better fight cyber threats to business, citizens and the digital economy at large:

- Use a common terminology within threat reports;
- Include the end-user perspective;
- Develop use cases for threat landscapes;
- Collect security intelligence of incidents including starting point and target of an attack;
- Perform a shift in security controls to accommodate emerging threat trends;
- Collect and develop better evidence about attack vectors (methods) so as to understand attack workflows;
- Collect and develop better evidence on the impact reached by attackers;
- Collect and maintain more qualitative information about threat agents.

Read the "ENISA Cyber Threat Landscape" here:

martedì 8 gennaio 2013

Sei iscritto alla members area? Fai il login, oppure iscriviti.

Misura antispam: Quanto fa più 3?