ENISA Calls for Action to Combat Cyberattacks Leveraging the Basics

Most of the attacks that have dominated the headlines lately could have, and should have, been prevented, as they all started with basic methods. This is the stance taken by the EU’s European Network and Information Security Agency (ENISA) in a recent report published on Wednesday.

ENISA says that organizations in the EU need to wake up. The agency examined recent major attacks, which it says are “characterized by old attack methods, being given a new edge because they are being used in a smarter, more targeted way.”

“These targeted attacks follow a common and well-known pattern. Attackers send an apparently genuine email, which is in fact a spear-phishing attempt. The email contains a link to an internet page containing malware, or it contains a maliciously prepared attachment. The malware is able to exploit software vulnerabilities to allow the attacker to gain sufficient control over the target and to start gathering intelligence.”

The gathered intelligence is then used to attack other systems or people within the organization, which leads to the often over-hyped and sensationalized APT. It isn’t that sophisticated attacks don’t happen – they do – but many of them could have been prevented, or at least the damage seriously limited.

“Well known cyber-attack methods, such as spear-phishing, are still very effective. However, much can be done to counter these attacks – by making users aware of traps, and by ensuring that better security measures are in place. In cyberspace, it is difficult to be sure where attacks originate, so the focus should be on preventing and mitigating attacks, regardless of where the attackers are based,” said ENISA’s Executive Director, Professor Udo Helmbrecht, in a statement.

The fact that organizations use anti-virus and anti-spam protections doesn’t mean they are fully protected, ENISA said, as these layers fail if the attack is persistent. Filters work against large-scale phishing attacks, but smaller, targeted attacks often slip past them unnoticed.

“The attacks discovered recently had gone unnoticed for years probably because attackers were targeting few victims, making sure antivirus companies did not easily spot them,” the report explains, noting that in reality the inherent insecurity of email itself is to blame, making it easy for an attacker to spoof someone.

In the short term, encrypted communications can help lessen the impact of targeted attacks, as can other solutions such as DMARC, DKIM, or SPF. In the long term, ENISA said, governments, industry, and businesses need to investigate alternative communication channels.

The full report is available online.  
