The European Network and Information Security Agency (“ENISA”) has published its first independent overview of how the cyberthreat landscape has evolved over the past few years. The report identifies the most common and dangerous cyberthreats, the methods used by malicious users and potential avoidance measures for web users. ENISA’s findings have ramifications from both an EU and global perspective as the threats revealed have no geographic boundaries.
According to the report, “drive-by exploits” are the greatest and fastest-growing threat to the internet landscape. Drive-by exploits involve injecting malicious code into a website so that a user’s computer is automatically infected when he or she visits that website. The infection can then be used to obtain personal information. The operators of the websites may themselves be unaware that they are hosting malicious code. This form of cyberattack is on the rise and is even being formulated for mobile devices.
The second biggest cyberthreat identified by ENISA comprises Trojans (which contain backdoor capabilities) and worms (malware programs which can self-replicate and redistribute themselves with devastating effect). Worms and Trojans are used by cybercriminals to pull off sophisticated cyberscams involving theft of user credentials and personal data, and by governments for cyberespionage.
Code injection is the third biggest threat: in recent years an increasing number of attacks and data breaches have been conducted against web applications using well-known attack techniques such as SQL injection (“SQLi”) and cross-site scripting (“XSS”). These attacks, which are popular amongst hacktivist groups, attempt to extract data, steal credentials and take control of the targeted web server.
Other cyberthreats include exploit kits, botnets, denial-of-service attacks, phishing and spam. ENISA emphasises that it is not just cybercriminals acting as the threat agents but also corporations attempting to gain competitive advantage, disgruntled employees, and terrorists who have expanded their activities into cyberspace.
In an era where social media has flourished, the report highlights the vulnerability of technologies such as cloud computing and big data sets, where the concentration of vast amounts of data in a few logical locations makes an attractive target for threat agents. ENISA suggests that many threats can be contained if sufficient risk management is undertaken and appropriate security measures are implemented.