According to the ENISA Threat Landscape Report 2018, 2018 has brought significant changes in the techniques, tactics, and procedures associated with cybercrime organizations and nation-state actors.
I’m proud to present you the ENISA Threat Landscape Report 2018, the annual report published by the ENISA ETL group that provides insights on the evolution of the cyber threats in 2018.
2018 was characterized by significant changes in the cyber threat landscape especially for TTPs associated with threat agent groups. Financially motivated attackers focused their efforts in develing and spreading crypto-miners, this threat appeared in the top 15 threats included in the report.
Nation-state hacking reduced the use of complex malware and appears to go towards low profile social engineering attacks.
“Recent political activities have underlined the emergence of various, quite novel developments in the perceived role of cyberspace for society and national security.” reads the ENISA Threat Landscape Report 2018. “Cyber-diplomacy, cyber-defence and cyberwar regulation have dominated the headlines. These developments, when transposed to actions, are expected to bring new requirements and new use cases for cyberthreat intelligence.”
ENISA experts believe threat actors are going to adapt their activities towards the changes introduced by to prevents the above interference.
The main trends emerged in the 2018’s cyberthreat landscape are:
- Mail and phishing messages have become the primary malware infection vector.
- Exploit Kits have lost their importance in the cyberthreat landscape.
- Cryptominers have become an important monetization vector for cyber-criminals.
- State-sponsored agents increasingly target banks by using attack-vectors utilised in cyber-crime.
- Skill and capability building are the main focus of defenders. Public organisations struggle with staff retention due to strong competition with industry in attracting cybersecurity talents.
The report highlights the importance of cyber threat intelligence to respond to increasingly automated attacks leveraging automated tools and skills. Unfortunately, low-capability organisations/end-users have no access to cyberthreat intelligence solutions exposing them to severe risks of hack.
Another element of concern is the diffusion of IoT devices that are poorly protected.
“The need for generic IoT protection architectures/good practices will remain pressing.” continues the report.
All the above trends are detailed in the ENISA Threat Landscape 2018 (ETL 2018), a must-read for cyber security experts and passionates.
Let me close with the Top Threats 2018, for each threats the report includes detailed information on trends and observed evolution.