The European Network and Information Security Agency (ENISA) is an agency of the European Union. The objective of ENISA is to improve network and information security in the European Union.
ENISA published a new report titled ENISA Threat Landscape Mid year 2013 that provides an interesting update to the list of top cyber threats.
The ENISA Threat Landscape Mid year 2013 analyses 50 reports, and identifies the trend for main threats to:
• Infrastructure
• Mobile devices
• Social media
• Cloud services
The document highlights that cybercrime is increasingly using sophisticated techniques for its attacks: hackers are improving their methods to be non-traceable and to make their malicious structures more resistant to takedowns operated by law enforcement.
I strongly suggest watching this TED talk by James Lyne: http://www.youtube.com/watch?v=fSErHToV8IU
He describes many of the attacks and the frameworks and infrastructure attackers use to increase the efficiency of their attacks.
Drive-by download means two things, each concerning the unintended download of computer software from the Internet:
1. Downloads which a person authorized but without understanding the consequences (e.g. downloads which install an unknown or counterfeit executable program, ActiveX component, or Java applet).
2. Any download that happens without a person’s knowledge, often a computer virus, spyware, malware, or crimeware.
Drive-by downloads may happen when visiting a website, viewing an e-mail message or clicking on a deceptive pop-up window: the user clicks on the window in the mistaken belief that, for instance, an error report from the computer’s operating system itself is being acknowledged, or that an innocuous advertisement pop-up is being dismissed. In such cases, the “supplier” may claim that the user “consented” to the download, although actually the user was unaware of having started an unwanted or malicious software download. Hackers use different techniques to obfuscate the malicious code, so that antivirus software is unable to recognize it. The code is executed in hidden iframes, and can go undetected.
A drive-by install (or installation) is a similar event. It refers to installation rather than download (though sometimes the two terms are used interchangeably).
We observe that drive-by exploits (browser-based attacks) still remain the most reported threats, and Java remains the most exploited software for this kind of threat.
Some concluding remarks:
1. Cyber-criminals constantly adapt to advanced techniques. They use methods that make them untraceable and difficult to take down.
2. As the use of mobile devices and social media is increasing, those are and will be the platforms most targeted by attackers.