Europe 'needs independence' from foreign sources of threat intelligence

News by Tom Reeve

Stronger sources of domestic cyber-threat intelligence must be developed and additional European context added to existing intelligence, according to a report from ENISA.


EU member states need to develop own threat intelligence systems, says ENISA (pic: Garry Killian/Getty Images)

European member states need to develop stronger domestic sources of cyber threat intelligence (CTI) and wean themselves off their dependence on sources from outside the EU, according to a report from the EU’s cyber-security agency.

A key recommendation of the ENISA Threat Landscape 2018 report is that "EU Member States should take measures to increase their independence from currently available CTI sources (mostly from outside the EU) and to enhance the quality of CTI by adding a European context".

The report is the seventh in a series of annual threat landscape reports published by the EU Agency for Network and Information Security (ENISA).

It calls for establishing systems to make it easier to collect CTI and share it among member states, as well as calling on businesses to make their CTI available to stakeholders with a particular focus on those that lack technical knowledge. This problem is particularly acute in the supply chain where there are significant gaps in security knowledge among service providers and users.

And it said that the collection of CTI needs to be widened to include information on incidents from related disciplines and that efforts needed to made to standardise the collection, storage and analysis of this data.

In the area of CTI, ENISA has promoted closer integration by organising the ENISA CTI EU event, supported by Europol EC3, the European Defence Agency (EDA) and CERT-EU. It has also actively engaged resources from the European Commission’s DG Connect and the European Security and Defence College in the event, it said.

Phishing and vulnerabilities in the internet of things (IoT) are two of the key threats facing European organisations in cyberspace, according to the report.

Other threats trending across the continent in 2018 included the use of crypto-mining to make money from successful cyber-infections, state-sponsored attacks against banks and the increased use of automation in cyber-attacks, the EU Agency for Network and Information Security (ENISA).

Skills and training remain a key shortcoming on the defender’s side, the ENISA report said.

"We are witnessing the development and deployment of new technologies, which are reshaping the cyber landscape and significantly impacting society and national security. The European Union needs to be ready to adapt to and reap the benefits of these technologies to reduce the cyber-attack surface," said Udo Helmbrecht, executive director at ENISA.

Europol says police worldwide going after webstresser clients

Meanwhile, police across the world are closing in on thousands of attackers who used the webstresser.org DDoS-for-hire service, according to a media statement from Europol this morning.

The investigation and takedown of the illegal marketplace in April yielded a rich set of details of the website’s 151,000 registered users, Europol said.

Webstresser.org is thought to be the world’s biggest DDoS-for-hire marketplace. Charging its users as little as €15 per month, the site is linked to more than four million attacks.

Webstresser.org clients in the UK have already been visited by the police as part of Operation Power Off. More than 60 devices have been seized for analysis so far as part of an investigation of more than 250 users. 

Find this article useful?

Get more great articles like this in your inbox every lunchtime

Upcoming event