ENISA Threat Landscape report 2013

The EU’s cyber security Agency ENISA has issued its annual Threat Landscape 2013 report, where over 200 publicly available reports and articles have been analysed. Questions addressed are: What are the top cyber-threats of 2013? Who are the adversaries? What are the important cyber-threat trends in the digital ecosystem?

Negative trends 2013:
  • Threat agents have increased the sophistication of their attacks and of their tools.
  • Clearly, cyber activities are not a matter of only a handful of nation states; indeed multiple states have developed the capacity to infiltrate both governmental and private targets.
  • Cyber-threats go mobile: attack patterns and tools targeting PCs which were developed a few years ago have now migrated to the mobile ecosystem.
  • Two new digital battlefields have emerged: big data and the Internet of Things.

Positive developments in the cyber threat trends in 2013 include:
  • Some impressive law-enforcement successes ; police arrested the gang responsible for the Police Virus; the Silk Road operator as well as the developer and operator of Blackhole, the most popular exploit kit, were also arrested.
  • Both the quality and number of reports as well as the data regarding cyber-threats have increased
  • Vendors gained speed in patching their products in response to new vulnerabilities.

A table of the top current threats and threat trends lists the following top three threats: 1. Drive-by-downloads, 2. Worms/Trojans and 3. Code injections. For full table.