TOP 15 cyber threats in 2017!
2017 was the year in which incidents in the cyberthreat landscape have led to the definitive recognition of some omnipresent facts. We have gained unwavering evidence regarding monetization methods, attacks to democracies, cyber-war, transformation of malicious infrastructures and the dynamics within threat agent groups.
But 2017 has also brought successful operations against cyber-criminals. Law enforcement, governments and vendors have managed to shut down illegal dark markets, de-anonymize the Darknet and arrest cyber-criminals. Moreover, state-sponsored campaigns have been revealed and details of technologies deployed by nation states have been leaked. Mostly remarkable though is the manifestation of the cyberthreat landscape within framework programmes that are about to be established in the financial sector: cyberthreats make up the basis for the development and implementation of red and blue teaming activities in financial sector, both within Member States and across Europe.
But the cybersecurity community is still far from striking the balance between defenders and attackers. Although 2017 has reached records in security investments, it has also brought new records in cyber-attacks of all kinds, data breaches, and information loss. From this perspective, one may argue that there is a market failure in cyber-security; that is, the increased defence levels and expenses cannot successfully reduce levels of cyberthreat exposure.
Whether this is due to a segmented cyber-security market, lack of awareness or capabilities and skills, are topics of vivid discussions in the corresponding communities. The fact is however, that in 2017 we have seen a significantly increased amount of information on cyber-security incidents, cyberthreats and related matters to attract the attention of all kinds of media. This trend is indicative for the high level of interest assigned by media to cybersecurity issues.
In summary, the main trends in the 2017’s cyberthreat landscape are:
- Complexity of attacks and sophistication of malicious actions in cyberspace continue to increase.
- Threat agent of all types have advanced in obfuscation, that is, hiding their trails.
- Malicious infrastructures continue their transformation towards multipurpose configurable functions including anonymization, encryption and detection evasion.
- Monetization of cybercrime is becoming the main motive of threat agents, in particular cyber-criminals. They take advantage of anonymity offered by the use digital currencies.
- State-sponsored actors are one of the most omnipresent malicious agents in cyberspace. They are a top concern of commercial and governmental defenders.
- Cyber-war is entering dynamically into the cyberspace creating increased concerns to critical infrastructure operators, especially in areas that suffer some sort of cyber crises.
- Skills and capabilities are the main concerns for organisations. The need for related training programmes and educational curricula remains almost unanswered.
ENISA has developped an useful tool aimed to help citizens to understand the landscape of current and emerging main threats: https://etl.enisa.europa.eu/