Governments and private firms are at risk of cyber attacks from multiple nation-states, says European Union's cyber security agency in a report issued Wednesday.
“It has become clear that maturity in cyber activities is not a matter of a handful of nation-states,” says the Herkalion, Greece-based European Network and Information Security Agency, in its report, “ENISA threat Landscape 2013, Overview of current and emerging cyber-threats.”
“Rather, multiple nation-states have now developed capabilities that can be used to infiltrate all kinds of targets — both government and private ones — in order to achieve their objectives.”
The report states this year “has clearly unveiled the true dimension behind the potential of this threat agent group.”
“Main targets of this threat group are state secrets, military secrets and data on intelligence as well as threatening the availability of critical infrastructures. Acting with a high level of capabilities, the methods/vectors of launched attacks vary significantly.
“Yet, high-effort and high-sophistication targeted attacks belong to the main attack methods used. The degree of successfulness of performed attacks can be considered as rather high.”
The report says “Threat agents have increased sophistication of their attacks and their tools.”
Furthermore, cyber threats can now be mobile, says the report. “Attack patterns and tools that targeted (personal computers) a few years ago, have been migrated to the mobile ecosystem.”
There have been positive developments in the past year as well, however, says the report. These include:
• Impressive successes by law enforcement.
• The number of reports and data regarding cyber threats, as well as their quality of available information, has increased, which has facilitated threat analysis.
• Vendors have increased the speed with which they respond to threats and vulnerabilities through product updates.
• Cooperation among organizations in dealing with cyber threats will gain speed in the near future.
Copies of the report are available here.