The agency highlights some common attack vectors used by cybercriminals

Mar 13, 2013 19:01 GMT  ·  By

The European Network and Information Security Agency (ENISA) has published a flash note entitled “Cyber-attacks – a new edge for old weapons,” which analyzes the latest targeted cyberattacks launched against government and private organizations from Europe.

The report analyzes the Red October and the MiniDuke campaigns and highlights some common attack methods employed by cybercriminals: the use of spear-phishing emails and the exploitation of software vulnerabilities.

In addition, the agency makes three important recommendations for organizations. These revolve around prevention, email security, and software vulnerabilities.

“Well known cyber-attack methods, such as spear-phishing, are still very effective. However, much can be done to counter these attacks - by making users aware of traps, and by ensuring that better security measures are in place,” ENISA’s Executive Director, Professor Udo Helmbrecht, said.

“In cyberspace, it is difficult to be sure where attacks originate, so the focus should be on preventing and mitigating attacks, regardless of where the attackers are based.”

The complete flash note is available here.