Web-based attacks and malware not only hold the cybercrime crown, they are also on the rise, according to the latest Threat Landscape Report by the EU Agency for Network and Information Security (ENISA). In its sixth annual report, ENISA also reported that in 2017 attackers increased the complexity and sophistication of their attacks in an effort to stay one step ahead in the cat-and-mouse game with defenders and law enforcement.
Perhaps unsurprisingly, SQL injection and phishing remain attackers’ go-to methods for breaching an organization’s defences. Overall, as in previous years, the most prevalent web application attacks are SQL Injection (SQLi), Local File Inclusion (LFI), Cross-site Scripting (XSS), Remote File Inclusion (RFI) and PHP object injection.
Furthermore, Content Management System (CMS) vulnerabilities are still an important source of attacks. CMSs such as WordPress offer attackers a large attack surface. The moment a vulnerability is discovered in a widely deployed CMS, attackers can exploit it repeatedly and use the resulting access to distribute phishing campaigns and malware. For example, the report estimates that vulnerabilities discovered within WordPress allowed attackers to infiltrate and vandalize around two million websites.
ENISA also found overwhelming evidence that cybercriminals are finding new ways to monetize their criminal endeavours. Its research also found evidence suggesting that politically motivated attacks by nation states could have adverse effects on democracies.
All, however, is not bleak. ENISA notes that 2017 was also a year in which several cybercriminal operations were successfully brought to a grinding halt. Law enforcement, governments and vendors working together have managed to shut down and expose illegal dark markets and arrest cybercriminals.
That said, while 2017 set new records in security investments, it also set new records in the number of cyberattacks. The ENISA Threat Landscape Report clearly suggests that the cybersecurity community still has a lot of catching up to do before it can effectively strike a balance between attackers and defenders.