EU report says cyber attacks target trust: From identities to infrastructure

The European Network and Information Security Agency (ENISA), which is a part of the European Union (EU), recently issued a report that describes the current global cyber threat landscape - including infrastructure.

January 14, 2013

The European Network and Information Security Agency (ENISA), which is a part of the European Union (EU), recently issued a report that describes the current global cyber threat landscape. The excellent report “is based on publicly available data and provides an independent view on observed threats, threat agents and threat trends. Over 140 recent reports from security industry, networks of excellence, standardization bodies and other independent institutes have been analysed.”

In my view, the comprehensive approach used to create this PDF document makes it worth taking the time and energy to read through the entire document in detail. The extensive coverage of topics includes definitions and activity in these areas: “Drive-by exploits: Worms/Trojans, Code Injection Attacks, Exploit Kits, Botnets, Denial of service, Phishing, Compromising confidential information, Rogueware/Scareware, Spam, Targeted Attacks, Physical Theft/Loss/Damage, Identity Theft, Abuse of Information Leakage, Search Engine Poisoning, Rogue certificates.”

After coverage of these threats, the EU report covers major threat trends, including:

“The Emerging Threat Landscape

     - Threat Trends in Mobile Computing

     - Threat Trends in Social Technology

     - Threat Trends in Critical Infrastructures

     - Threat Trends in Trust Infrastructure

     - Threat Trends in Cloud Computing

     - Threat Trends in Big Data”

The coverage of each area includes specific topics and whether activity is up, sideways or down. One such area is “Trust Infrastructure,” which many in the U.S. cover under the heading “Trusted Identities in Cyberspace.”


Emerging Threat: Trust Infrastructure

Threat Trend

1. Denial of service (an effective technique to attack trust infrastructure components and achieve impact by blocking access to relevant components, e.g., handshaking with SSL servers)

2. Rogue certificates (compromising trust relationships will be key in generating fake trust within components of trust infrastructure but also other systems using them)

3. Compromising confidential information (data breaches will have an impact in trust infrastructures, e.g., by providing valuable information to launch an attack)

4. Targeted attacks (spearphishing and APTs will remain a significant concern in this area)



As Bill Jackson points out in his compelling blog over at GCN, the European wording may be slightly different from that used in the USA, but the cyber protection work is very similar on both sides of the pond:

“Among the programs under way, the administration is launching an initiative to use commercial cloud services to authenticate third-party credentials for accessing government sites, called the Federal Cloud Credential Exchange. The U.S. Postal Service will be operating an FCCX pilot.”

Again, I urge readers to take the time to read this latest European report and William Jackson’s GCN blog. It is clear that these cyber attacks against critical infrastructure are a continuing (and growing) global problem. It is good to see the comprehensive report coming from Europe.

What are your thoughts on the trends identified in this report?


Dan Lohrmann, Chief Security Officer & Chief Strategist at Security Mentor Inc.
