ENISA 2018 Threat Landscape Report Out

ByJane Ginn

January 31, 2019 ,

 

The Annual Report issued by the European Union’s (EU) Network and Information Security Agency (ENISA) has recently been released for patterns observed in 2018.  The scope of the report included trends by threat actors and defenders, a notable change from previous years.  At the top of the list for threat actor trends, there was the rapid rise of cryptomining, and the shift by state-sponsored threat actors towards very sophisticated social engineering attacks.  For network defenders advances in threat actor profiling, and active defense techniques was also notable.

The authors also noted some of the important political events that have given rise to the continued development of regulatory frameworks for cyber-diplomacy, cyber-defense, and cyber-war.

They summarized noting the following key trends for 2018:

  • Mail and phishing messages have become the primary malware infection vector.
  • Exploit Kits have lost their importance in the cyberthreat landscape.
  • Cryptominers have become an important monetization vector for cyber-criminals.
  • State-sponsored agents increasingly target banks by using attack-vectors utilised in cyber-crime.
  • Skill and capability building are the main focus of defenders. Public organisations struggle with staff retention due to strong competition with industry in attracting cybersecurity talents.
  • The technical orientation of most cyber threat intelligence produced is considered an obstacle towards awareness raising at the level of security and executive management.
  • Cyber threat intelligence needs to respond to increasingly automated attacks through novel approaches to utilization of automated tools and skills.
  • The emergence of IoT environments will remain a concern due to missing protection mechanisms in low-end IoT devices and services. The need for generic IoT protection architectures/good practices will remain pressing.
  • The absence of cyberthreat intelligence solutions for low-capability organisations/end-users needs to be addressed by vendors and governments.

A copy of the original report can be downloaded from here.

author avatar
Jane Ginn CTIN President & Co-Founder
Jane Ginn ~ As the co-founder of the Cyber Threat Intelligence Network (CTIN), a consultancy with partners in Europe, Ms. Ginn has been pivotal in the development of the STIX international standard for modeling and sharing threat intelligence. She currently serves as the Secretary of the OASIS Threat Actor Context Technical Committee, contributing to the creation of a semantic technology ontology for cyber threat actor analysis. Her efforts in this area and her earlier work with the Cyber Threat Intelligence (CTI) TC earned her the 2020 Distinguished Contributor award from OASIS. In public service, she advised five Secretaries of the US Department of Commerce on international trade issues from 1994 to 2001 and served on the Washington District Export Council for five years. In the EU, she was an appointed member of the European Union's ENISA Threat Landscape Stakeholders' Group for four years. A world traveler and amateur photojournalist, she has visited over 50 countries, further enriching her global outlook and professional insights. Follow me on LinkedIn: www.linkedin.com/comm/mynetwork/discovery-see-all?usecase=PEOPLE_FOLLOWS&followMember=janeginn
Translate »