New report on top trends in the first Cyber Threat Landscape by EU’s cyber Agency ENISA

[news release] The ENISA Threat Landscape report summarises 120 recent reports from 2011 and 2012 from the security industry, networks of excellence, standardisation bodies and other independent parties, making the report the world’s most comprehensive synthesis presently available. The report provides an independent overview of observed threats and threat agents together with the current top threats, and emerging threats trends landscapes. Moreover, the Threat Landscape report analyses the “cyber enemy”; identifying and also listing the top ten (out of a total of sixteen) threats in emerging technology areas. The areas considered are Mobile Computing, Social Media/Technology, Critical Infrastructure, Trust Infrastructures, Cloud, and Big Data. The identified top ten threats are:

  • Drive-by exploits (malicious code injects to exploit web browser vulnerabilities)
  • Worms/trojans
  • Code injection attacks
  • Exploit kits (ready to use software package to automate cybercrime)
  • Botnets (hijacked computers that are remotely controlled)
  • (Distributed) Denial of Service attacks (DDoS/DoS)
  • Phishing (fraud mails and websites)
  • Compromising confidential information (data breaches)
  • Rogueware/scareware
  • Spam

Finally, the Agency makes a number of conclusions for industry and stakeholders on how to better fight cyber threats to business, citizens and the digital economy at large:

  • Use a common terminology within threat reports
  • Include the end-user perspective
  • Develop use cases for threat landscapes
  • Collect security intelligence of incidents including starting point and target of an attack
  • Perform a shift in security controls to accommodate emerging threat trends
  • Collect and develop better evidence about attack vectors (methods) so as to understand attack workflows
  • Collect and develop better evidence on the impact reached by attackers
  • Collect and maintain more qualitative information about threat agents

The Executive Director of ENISA, Professor Udo Helmbrecht stated:”I am proud that the Agency undertakes this important work to better understand the composition of the current cyber threats. This is the first and most comprehensive Cyber Threat Analysis available to date and a point of reference for all cyber security policy makers, and stakeholders”For full report, listing all threats and conclusions in-depth, see

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.