The European Union Agency for Network and Information Security (ENISA) reveals in its latest report that malware and web-based attacks remained the top Cyber threats in 2018. Within these threats, mail and phishing messages were the main primary attack vectors. It is likely to continue to rise in 2019.
An area of the report identified the growing change in behavior and tactics of threat actors. Cybercriminals and state-sponsored actors have broadened their strategy in attacks as they advance their motives. In particular, State-sponsored actors target banks more, using tactics commonly recognized with cybercriminals.
Furthermore, other reports show frequent tactics used involve island hopping. This is where hackers target organizations as leverage to get to their intended target. Carbon Black Inc believe nation-state hackers are using more tactics like this because of the raised tension in Geopolitics. This is happening with organizations outsourcing surveillance services to organizations in other countries. This makes states and its security vulnerable.
Attempts to try and identify which actors were behind which attacks last year, was difficult. Patterns once attributed to a cybercriminal also related to a state-sponsored actor. It was, therefore, harder to differentiate between the two. This became evident with the decrease in ransomware and increase in Cryptojacking. This is the unauthorized mining of cryptocurrency with another user’s device. Reasons for the diversion to Cryptojacking is its less risky, more profitable and easier to deploy. With the inability to trace back a hacker, it is more dangerous for the person of the device as they are unknowingly assisting such attacks. These attacks happening through governmental websites are where the lines between the two actors blurred.
Other changed tactics of cyber criminals include file-less attack techniques, as it allows hackers to stay in a device undetected for longer.
More information on file-less malware be found in Banking Trojan Gozi Resurfaces with New Tactics.
Cyber Threat Intelligence
ENISA’s report identified areas that helped with tackling top cyber threats. It outlined, for example, the benefits of CTI as it develops, and how it allows EU agencies to know where vulnerabilities lay and how to mitigate against it.
More tools are developing to stop attacks from entering networks and devices. Such tools include Kaspersky’s tools to help identify threats in real-time. With time tools like this will develop even further. Other organizational tools to use for detecting malware, as it continues to rise, include Data Loss Prevention and further awareness and use of the Intrusion Prevention System.
Other trends highlighted in ENISA’s report include attacks on the internet of things (IoT) as security within this environment continues to be an issue. Training and awareness of staff is also an area ENISA identified as a weakness.
The report aims to make the EU aware of the threats and its scale to help it determine steps to strengthen its security in cyberspace with CTI. As the report shows, with cyber-attacks continuing to rise and diversify it is more important than ever that companies train their employees in cyber security and make it a focus not an afterthought.
Let us know your thoughts in the comments section.