ENISA Threat Landscape 2014

Posted on 01/29/2015, by Miguel Herrero (INCIBE)

The European Union Agency for Network and Information Security (ENISA) has published its threat landscape for 2014, an 80-page document written entirely in English that analyses the changes in the most common online threats.

ENISA reports substantial changes in the most common threats and in their complexity compared with 2013. It attributes these changes to the important and successful operations carried out by law enforcement, as well as to the mobilization of the cyber-community.

Some of the most notable actions from 2014 are:

  • The dismantling of the Zeus GameOver botnet, which almost immediately halted infection campaigns and communications with C&C centres.
  • The arrest of Blackhole’s developer in 2013, which led to a massive reduction in the use of the exploit kit.
  • The reduction of DDoS attacks based on NTP amplification, as a result of fewer vulnerable servers thanks to awareness-raising within the community.
  • A decrease in SQL injections, thanks to web developers’ improved knowledge.
  • The takedown of Silk Road and 400 other deep web services, which has deeply affected the TOR community, including both TOR users and attackers who used the anonymous network.

However, 2014 also had several black spots:

  • Both SSL and TLS, the core security protocols of the internet, have been affected by various errors in their implementation, such as POODLE and Heartbleed.
  • A number of mass information thefts have occurred.
  • Shellshock, the vulnerability in the bash shell, had a great impact on many components that used old versions, mainly in embedded software.
  • The different types of privacy violations reported in the media have decreased users’ trust in internet-based services.

After the document’s interesting analysis, the lessons learned section offers some revelations, such as the following:

  • Over 50% of successful attacks are due to negligence in key cybersecurity matters. This figure has repeated itself over the last three years, which should raise everyone’s awareness of cybersecurity.
  • This negligence could be reduced if the cybersecurity community did a better job of passing on complex technical knowledge to those members of the community who know less.

Finally, the conclusions section presents the tasks facing European policy in the upcoming year, covering both legislative tasks and technical conclusions. In the first group, it is worth noting the decrease in user trust as a result of the increase in government surveillance of the internet and offensive actions on the internet, sparked by the activities of different national security agencies, which affect the cyber-ecosystem. As for the technical conclusions, the document mentions the stress placed on the infrastructures that implement security measures, from the Heartbleed issues to the deanonymization of TOR, along with the increasing sophistication of new cyberthreats, which suggests that the learning curve of cybercriminals is improving.