The ENISA Threat Landscape report provides an overview of risks, together with current and emerging trends, based on analysis of over 120 recent reports by the security industry, standardisation bodies and other institutions.
The report, published on 8 January, finds that so-called “drive-by downloads” have become the biggest threat in the cyberwar.
Such "drive–by" attacks affect computers when users are unwittingly using an infected website. The site shoots a virus into the user’s computer system, where it monitors the new host for weaknesses that can be targeted in further attacks.
Udo Helmbrecht, ENISA’s executive director, said the report was "the first and most comprehensive Cyber Threat Analysis available to date" that will help policymakers "better understand the composition of the current cyber threats".
Worms and zombies at large
Also on the increase are attacks by "Trojan horses" - programmes that are sent in to other systems to steal data and credentials - and "worms" – computer malware that replicate themselves through the host computer system once they have latched on. Botnets or "zombies" – sets of compromised computers under the central control of an attacker - are also on the increase.
The report identifies emerging threats for the next year, and claims that mobile phones will come under increased risk, since communications over them is often less secure than conventional computer systems.
In March 2012, the Symantec security company discovered that some of Google's Android apps were bundled and resold with malware attached that could take screenshots from people's phones and harvest sensitive data like bank details. The incident already led to a warning by ENISA.
Julie Van Buylaere, a senior adviser on payments and securities at the European Savings Banks Group, said: “Smartphones will become a preferred target of attacks as hackers start to penetrate the device itself. In particular eWallets are becoming widely used and thus another target for cybercriminals.”
Social networking sites, cloud computing, and co-called critical infrastructures – or networks affecting large numbers of people or national security – were also earmarked as growing risk sectors for the coming year in ENISA’s report.
Cybercriminals are able to slip away
The report does not make a detailed assessment of cybercriminals’ identities, since this information is usually handled by law enforcement agencies.
Louis Marinos, one of the report’s authors, said: “Often the perpetrators are not properly identified because there is a time lag between the attack itself and the time taken to isolate the originator of the attack, which often gives the perpetrators the time to disappear.”
The report makes a number of recommendations for lawmakers and law enforcement bodies to deal with the rising challenges posed by cybercrime, including the better collection of evidence about attacks, their impact and more qualitative information about the criminals.
Marinos said that the information would serve as one of the tool for use by the new European Cybercrime Centre – which begins operation on 14 January in The Hague.
Graeme Cooper, ENISA’s head of public affairs, said: “ENISA has representation on the steering board of the new centre and Europol, and it is important that these organsiations work in strong partnership with the EU Commission and member states to deliver effective solutions to the problems posed by cybercrime.”