The questions addressed are:
- What are the top cyber-threats of 2013?
- Who are the adversaries?
- What are the important cyber-threat trends in the digital ecosystem?
The ENISA Threat Landscape presents the top current cyber threats of 2013 and identifies emerging trends. In 2013 important news stories news, significant changes and remarkable successes have left their footprint in the cyber-threat landscape. Both negative and positive developments have formed the 2013 threat landscape.
Negative trends 2013:
- Threat agents have increased the sophistication of their attacks and of their tools.
- Clearly, cyber activities are not a matter of only a handful of nation states; indeed multiple states have developed the capacity to infiltrate both governmental and private targets.
- Cyber-threats go mobile: attack patterns and tools targeting PCs which were developed a few years ago have now migrated to the mobile ecosystem.
- Two new digital battlefields have emerged: big data and the Internet of Things.
- Some impressive law-enforcement successes; police arrested the gang responsible for the Police Virus; the Silk Road operator as well as the developer and operator of Blackhole, the most popular exploit kit, were also arrested.
- Both the quality and number of reports as well as the data regarding cyber-threats have increased
- Vendors gained speed in patching their products in response to new vulnerabilities.
- The end-users lack knowledge yet they need to be actively involved. Adoption of simple security measures by end-users would reduce the number of cyber incidents for 50% worldwide!
- Numerous actors work on overlapping issues of threat information collection and threat analysis. Greater coordination of information collection, analysis, assessment and validation among involved organisations is necessary.
- The importance of increasing the speed of threat assessment and dissemination, by reducing detection and assessment cycles has been identified.