Pierluigi Paganini January 27, 2015

The European Union Agency for Network and Information Security has published the annual report on the cyber threat landscape “ENISA Threat Landscape 2014.”

The European Union Agency for Network and Information Security (ENISA) has published the annual report on the cyber threat landscape “ENISA Threat Landscape 2014.”

This ENISA Threat Landscape 2014 report (ETL 2014) was prepared by collecting and analyzing threat data of the last 12 months (December 2013 – December 2014).

The document is composed of the following sections:

• “Purpose, Scope and Method” provides some information regarding the threat analysis process.
• “ETL 2014: Current Threat Landscape” contains top 15 cyber-threats assessed in 2014 and related information.
• “Threat Agents” contains the profiling of threat agents.
• “Attack Vectors” contains information on typical attack scenarios.
• “The Emerging Threat Landscape” indicates assessedtechnology areas that will impact the
• “The Emerging Threat Landscape” reports the areas that will impact the threat landscapes in the middle-term.
• “Food for thought: Lessons Learned and Conclusions”

This year the threat landscape is characterized by significant upheavals, the number of cyber attacks has grown rapidly as well as their complexity despite the excellent action of law enforcement, which influenced the evolution of the criminal ecosystem.

“In the ETL 2014, details of these developments are consolidated by means of top cyber threats and
emerging threat trends in various technological and application areas. References to over 400 relevant
sources on threats will help decision makers, security experts and interested individuals to navigate
through the threat landscape.” reads the ENISA Threat Landscape 2014,

The take down of GameOver Zeus botnet which was conducted by the DoJ and the FBI in a multinational effort has dealt a blow to cyber crime sindacate, the arrest of the author of the popular Blackhole and the seizure of numerous underground black markets on Tor as part of the Onymous Operation, are just a few example of successfully action operated by law enforcement.

2014 was also characterized by significant threats to the overall Internet infrastructure, let’s consider the increase of the DDoS amplification attacks (i.e. NTP-based reflection DDoS attacks) or the numerous flaws affecting popular encryption libraries like the Heartbleed and the Poddle bugs.

2014 is considered the year of data breaches, the number of incidents is dramatically increased, in frequency and severity, exposing hundreds of millions of records of unsuspecting users.

“The massive data breaches that have been identified demonstrate how effectively cyber threat agents abuse security weaknesses of businesses and governments.” states the report.

Analyzing the attacks against websites, experts noticed that SQL injection, which is still one of the most effective attack techniques, is on the decline due to information sharing on the threat.

Privacy is the topic that most of all interested Internet community, netizens fear numerous surveillance program run by governments and have fueled mistrust in the network.

The cyberspace is the new battlefield, a growing number of targeted campaigns were characterized sophisticated attack schemes that benefiting efficient evasion techniques.

The report provides useful information to reduce the surface of attack and exposure to cyber threats. The Agency will continue to collect information on cyber threats and will improve critical operation like information sharing.

This report is a must read for cyber-security specialists and anyone who is interested in the development of cyber threats.

Let me personally thanks for the support all the members of the Threat Landscape Stakeholder Group, in particular the author of the report Louis Marinos, that coordinated us during the last year and that made possible the publishing of a so precious document.

Enjoy the report!

Pierluigi Paganini

(Security Affairs – ENISA Threat Landscape 2014, cyber threats)