ENISA, the European Union Agency for Network and Information Security, has released a series of reports and guidance tackling the topic of cyber security.
- ENISA Threat Landscape (ETL) Report 2013
The report reviews more than 250 incidents of cyber attacks that took place in 2013. A table in the report analyses fluctuations in the top 10 threat trends, including trojans, code injection, exploit kits, botnets, identity fraud, phishing, spam, data breaches, to name a few. The findings show that threat agents have increased the sophistication of their attacks with migration to the mobile eco system and the emergence of a digital battlefield relating to big data and the Internet. To counter these threats, ENISA highlights the successes achieved by cyber security officials and law enforcement authorities in 2013, as well as increases in reports of attacks facilitating greater threat analysis. The report ultimately calls for greater sharing of security intelligence, speed in threat assessment, and elasticity in IT architectures to ensure they remain robust against innovative cyber tactics.
- Updates to Cyber Security Strategies Map
ENISA lists the countries that have adopted the National Cyber Security Strategies (NCSS) across the world. The latest countries to adopt NCSS include Belgium, the Netherlands, Poland, Slovenia and Spain, with updates that Montenegro, Ghana and Thailand are planning to develop NCSS soon.
- Feasibility Study on European Information Sharing and Alerting System (EISAS)
EISAS is meant to increase awareness about IT security issues among citizens and SMEs, and foster a collaborative information-sharing network to improve capability to respond to network security threats. In 2009, ENISA published the EISAS RoadMap with a deployment plan to implement this concept. In 2012, ENISA also published a Basic Toolset for the large-scale deployment of EISAS across Europe by 2013. The feasibility study is the last stage in the implementation of EISAS. The study includes a three-year action plan for deployment, and examines which entities could commit to leading EISAS network, as well as what operational measures would need to be implemented, and the funding required to ensure sustainable success of the infrastructure.
- Good Practice Guide for CERTS complying with the Directive on attacks against information systems
In July 2013, the EU Directive on attacks against information systems (the Directive) was adopted and must be implemented by member states by September 2014. ENISA has published a guide to assist Computer Emergency Response Teams (CERTS) to comply with their obligations under the Directive, including sharing information in cyber crime to cooperate with law enforcement agencies.
- Report on supervisory control and data acquisition (SCADA) programs and Guide on Mitigating Cyber Attacks On ICS
Much of Europe’s critical infrastructure is controlled by SCADA systems, a subgroup of Industrial Control Systems (ICS). The report recognises that in the past decade, SCADA technology has transformed from isolated systems into standards technologies that are highly interconnected with corporate networks. Simultaneously, SCADA systems have become increasingly vulnerable to attack. The report recommends the implementation of patching management strategies by way of software upgrades to tackle this. Like SCADA technology, ICS are equally vulnerable to cyber attack and are seen as lucrative targets for intruders. The guide aims to provide good practices for entities that are tasked to provide ICS Computer Emergency Response Capabilities (ICS-CERC).
- Report on National Roaming for Resilience to Cyber Attacks
In the context of more than 79 incidents of network outage occurring across the EU in 2012, ENISA’s report discusses the potential for mobile roaming to be used as a resource to improve the resilience of mobile communications networks. The report also proposes recommendations to mitigate the impact of network outages, including:
- Service prioritizations in outages
- Open Wi-Fi as alternative solution for data connectivity
- Establish an M2M inventory of all SIMS per service and provider to assess the possible impact and strategy in case of outage
- Identify key people within Critical Infrastructure Services to be prepared for eventual mobile network outage
- CERT Guidance and Updated Training Materials
ENISA has published guidance for government on mechanisms available to support CERTs via organisations such as TF-CSIRT TI, FIRST, The Internet Engineering Task Force, CERT Coordination Center and the International Organisation for Standardisations. Complimentary to this, ENISA have also expanded the breadth of training materials for CERTS to include 29 scenarios such as recruitment of CERT staff, incident handling and cooperation with law enforcement agencies – all available with downloadable handbooks and toolsets and online training presentations.