ENISA Threat Landscape 2015, a must reading

ENISA has issued the annual ENISA Threat Landscape 2015 a document that synthesizes the emerging trends in cyber security

I’m very happy to announce the publication of the annual ENISA Threat Landscape 2015 (ETL 2015), this is the fifth report issued by the European Agency. The ENISA Threat Landscape 2015 summarizes top cyber threats, experts have identified during the last 12 months.

The document synthesizes the emerging trends in cyber security, it is a must reading for the experts in the industry and executives of any sector.

In 2015, we have assisted a greater effort of law enforcement in the fight against criminal organizations that are becoming even more advanced.

The experts at ENISA analyzed the Top 15 cyber-threats, identifying the threat trends, trends of threat agents and trends for emerging technologies, the report also includes for each cyber-threat a list of mitigation controls.

Malware remains the principal cyber-threat in 2015, they have increased in the number of instances detected and the level of sophistication, albeit mobile malware may not have reached expected levels of growth.

Web based attacks and web application attacks are in second and third place, no change has been observed respecting the previous report. Web based attacks include malicious URLs, compromised domains, browser exploits and drive-by attacks.

The category of web application attacks includes classic techniques like cross-site scripting and SQL-injection (SQLi).  In the fourth place there are the Botnets, these infrastructures an essential component for a large number of cyber attacks, but in the last year law enforcement has coordinated a significant number of takedowns against many malicious architectures.

In 2015, the number of DDoS attacks continues to increase, the attacks increased with the volume and also their average duration has increased.

Giving a look at the table below, we can verify that in 2015 the spam decreased once again, despite it still represents a valid vector to spread malware malicious links.

“Spam is in a declining trend since some years now, its importance in the malicious arsenal remained at least almost equal: new methods of “weaponization” of this threat make it a serious threat. During the reporting period we have assessed that spam is an effective means for malware distribution. Ca. 6% of overall spam volume included malicious attachments or links” states the ENISA Threat Landscape 2015 report.

The overall situation is very concerning, cyber threats are influencing also new technologies and paradigms, as explained in a specific session of the report entitled “Emerging Threat Landscape.”

The emerging technology areas considered in this ETL are:

  • Cloud Computing
  • Mobile Computing
  • Cyber Physical Systems (CPS)
  • Internet of Things (IoT)
  • Big Data
  • Network Virtualization and Software Defined Networks (SDN / 5G)

For each technology the report provides the Top 10 Emerging threats, but I don’t want to tell you more about the document, I invite you to carefully read the ENISA Threat Landscape 2015.

Udo Helmbrecht, ENISA’s Executive Director provided the following comment on the project:

“Identification of threats and their dynamics in cyber-space is key in understanding asset exposure and risks. It is an important piece of knowledge that allows for understanding protection requirements, raising awareness and allowing for a better, yet more efficient assessment of risks. ENISA continues with providing strategic information in that area through its ENISA Threat Landscape. Together with the thematic landscapes, this work is a unique publicly available source providing both strategic and tactical intelligence on cyber-threats, tailored to the specific needs of a large amount of stakeholders.”

Pierluigi Paganini

(Security Affairs – Cyber Security, ENISA Threat Landscape 2015)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Romanian energy supplier Electrica Group is facing a ransomware attack

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. Romanian…

7 hours ago

Deloitte denied its systems were hacked by Brain Cipher ransomware group

Deloitte has responded to claims by the Brain Cipher ransomware group, which alleges the theft…

12 hours ago

Mandiant devised a technique to bypass browser isolation using QR codes<gwmw style="display:none;"></gwmw><gwmw style="display:none;"></gwmw>

Mandiant revealed a technique to bypass browser isolation using QR codes, enabling command transmission from…

21 hours ago

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Anna Jaques Hospital revealed that the ransomware attack it suffered last year has exposed sensitive health…

1 day ago

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 23

Security Affairs Malware newsletter includes a collection of the best articles and research on malware…

2 days ago

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles…

2 days ago

This website uses cookies.