ENISA Threat Landscape 2015, a must reading

ENISA has issued the annual ENISA Threat Landscape 2015 a document that synthesizes the emerging trends in cyber security

I’m very happy to announce the publication of the annual ENISA Threat Landscape 2015 (ETL 2015), this is the fifth report issued by the European Agency. The ENISA Threat Landscape 2015 summarizes top cyber threats, experts have identified during the last 12 months.

The document synthesizes the emerging trends in cyber security, it is a must reading for the experts in the industry and executives of any sector.

In 2015, we have assisted a greater effort of law enforcement in the fight against criminal organizations that are becoming even more advanced.

The experts at ENISA analyzed the Top 15 cyber-threats, identifying the threat trends, trends of threat agents and trends for emerging technologies, the report also includes for each cyber-threat a list of mitigation controls.

Malware remains the principal cyber-threat in 2015, they have increased in the number of instances detected and the level of sophistication, albeit mobile malware may not have reached expected levels of growth.

Web based attacks and web application attacks are in second and third place, no change has been observed respecting the previous report. Web based attacks include malicious URLs, compromised domains, browser exploits and drive-by attacks.

The category of web application attacks includes classic techniques like cross-site scripting and SQL-injection (SQLi).  In the fourth place there are the Botnets, these infrastructures an essential component for a large number of cyber attacks, but in the last year law enforcement has coordinated a significant number of takedowns against many malicious architectures.

In 2015, the number of DDoS attacks continues to increase, the attacks increased with the volume and also their average duration has increased.

Giving a look at the table below, we can verify that in 2015 the spam decreased once again, despite it still represents a valid vector to spread malware malicious links.

“Spam is in a declining trend since some years now, its importance in the malicious arsenal remained at least almost equal: new methods of “weaponization” of this threat make it a serious threat. During the reporting period we have assessed that spam is an effective means for malware distribution. Ca. 6% of overall spam volume included malicious attachments or links” states the ENISA Threat Landscape 2015 report.

The overall situation is very concerning, cyber threats are influencing also new technologies and paradigms, as explained in a specific session of the report entitled “Emerging Threat Landscape.”

The emerging technology areas considered in this ETL are:

  • Cloud Computing
  • Mobile Computing
  • Cyber Physical Systems (CPS)
  • Internet of Things (IoT)
  • Big Data
  • Network Virtualization and Software Defined Networks (SDN / 5G)

For each technology the report provides the Top 10 Emerging threats, but I don’t want to tell you more about the document, I invite you to carefully read the ENISA Threat Landscape 2015.

Udo Helmbrecht, ENISA’s Executive Director provided the following comment on the project:

“Identification of threats and their dynamics in cyber-space is key in understanding asset exposure and risks. It is an important piece of knowledge that allows for understanding protection requirements, raising awareness and allowing for a better, yet more efficient assessment of risks. ENISA continues with providing strategic information in that area through its ENISA Threat Landscape. Together with the thematic landscapes, this work is a unique publicly available source providing both strategic and tactical intelligence on cyber-threats, tailored to the specific needs of a large amount of stakeholders.”

Pierluigi Paganini

(Security Affairs – Cyber Security, ENISA Threat Landscape 2015)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Akamai researchers discovered a new Mirai botnet variant targeting a vulnerability in DigiEver DS-2105 Pro…

9 hours ago

A ransomware attack disrupted services at Pittsburgh Regional Transit

A ransomware attack on Pittsburgh Regional Transit (PRT) was the root cause of the agency's…

11 hours ago

A cyber attack hit Japan Airlines delaying ticket sales for flights

A cyberattack hit Japan Airlines (JAL), causing the suspension of ticket sales for flights departing…

15 hours ago

Apache fixed a critical SQL Injection in Apache Traffic Control

Apache Software Foundation (ASF) addressed a critical SQL Injection vulnerability, tracked as CVE-2024-45387, in Apache Traffic…

1 day ago

BellaCPP, Charming Kitten’s BellaCiao variant written in C++

Iran-linked APT group Charming Kitten has been observed using a new variant of the BellaCiao…

1 day ago

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Japanese and U.S. authorities attributed the theft of $308 million cryptocurrency from DMM Bitcoin to…

2 days ago

This website uses cookies.