European Union Agency for Network and Information Security (ENSIA) recently launched their Mid-Year 2013 Threat Landscape report, a sneak peek into what’s to come in the full ENISA Threat Landscape report to be published before the end of 2013.
The brief summary gives readers a bit of insight into the changes in trends since the 2012 assessment. A few interesting areas to note aren't surprising, but shed some light into the dynamic, and ever changing threat landscape.
Relative to Code Injections as a trending threat and interesting development, the report states that “Although no important changes have been reported in 2013 regarding this threat, it is worth noting that cloud service provider networks are used increasingly to host tools for automated attacks, thus implementing an important step in code injection attack vectors.” This statement is interesting as Cloud Providers, or ISP’s need to be capable (and held responsible) of detecting these outbound attacks emanating from their customer’s networks. If nothing is done from a prevention or mitigation perspective, the ISP may eventually become a victim themselves when a massive attacks traverses their infrastructures.
Again, not surprisingly, Denial of Service attacks have been flagged as an increasing trend at this mid-year review. The report states that “DNS reflection attacks have gained in popularity. Attackers seem to have adopted the DNS reflection technique to launch amplification attacks, an old technique that has made a come-back.”
In concluding remarks, ENISA states that “Cyber-criminals increasingly use advanced methods to implement attack vectors that are non-traceable and difficult to take down. An important role in this play: anonymization technologies and the use of distributed technologies for more “resilient” infrastructures, such as P2P.” - A scary concoction for organizations across the globe.
- About Corero
- Investor Relations
- News Room
- Executive Management Team
- Corero Offices
- Contact Us