Last January ENISA released its annual report with the ’15 top cyber threats and trends’ in Europe. The European Union Agency for Network and Information Security (ENISA) is a center of network and information security expertise for the E.U., its Member states, the private sector and European citizens. Its prime concern is to provide recommendations on cybersecurity, support policy development and its implementation and collaborate with operational teams throughout Europe.
Despite the fact that ENISA has had its headquarters in Greece since 2003, in 2017 there were negotiations to transfer the seat of the Agency elsewhere. A few months ago the Greek government signed a new seat agreement which sets down the arrangements for the operation of ENISA in Greece and puts behind the possibility of leaving the country. The agreement laid the foundations for further development of the Agency against cyber-attacks worldwide and it was signed by Nikos Pappas, Minister for Digital Policy, Telecommunications and Media and Prof. Dr. Helmbrecht, Executive Director of ENISA.
The agreement stipulates that the premises of the Agency shall be located in the metropolitan area of Athens, with a branch office in Heraklion, Crete and that the role of professional cybersecurity staff working for the Agency will be upgraded. According to the Agency web site, the professional cybersecurity team mounts to 65 experts, but the new agreement will attract more and possibly help the repatriation of Greek scientists. To quote Mr. Pappas, ‘The new seat agreement opens new high-level job opportunities in the critical field of cybersecurity contributing to brain-drain control and the enticement of new top scientists from all over Europe.
Dr. Helmbrecht points out that the development and deployment of new technologies are reshaping the cyber landscape and significantly impacting society and national security. The European Union needs to be ready to adapt to and reap the benefits of these technologies and reduce the cyber-attack surface. In this regard and in the context of the recent political agreement on the new draft Cybersecurity Act, which proposes to grant ENISA a permanent mandate with more human and financial resources, ENISA is expected to increase its support to the E.U. Member States, in order to improve capabilities and expertise, notably in the areas of cyber crisis coordination and the prevention of cyber incidents. ENISA will have market-related tasks, notably by preparing European cybersecurity certification schemes with the expert assistance and close cooperation of national certification authorities and industry. Last but not least, ENISA will strengthen its support to the Member States and the EU institutions in the development, implementation and review of general cybersecurity policy.
The findings of the report
ENISA report indicates that phishing has become the primary malware infection vector. This conclusion did not come as a shock as it was the very same result coming from different studies carried out by the public and private security organizations and presented last year. In addition, the ENISA report focuses attention on the fact that crypto-miners have become an important monetization vector. Bitdefender findings also indicate that the wave of cryptocurrency mining got bigger last year as crypto mining surpassed ransomware in popularity among cybercriminals in 2018.
As the report further explains banks were very often targeted last year and some of the attacks came from state-sponsored agents. The emergence of IoT systems remains a big concern, because of insufficient protection mechanisms, especially in low-end IoT devices and services. That is the reason why ENISA published an online tool for IoT and Smart Infrastructures Security on January 31st, 2019.
One of the most important problems that cybersecurity has to solve is an automated defense against automated threats. Practically, this means that artificial intelligence takes on an important role in the cybersecurity environment, but there is a serious lack of skilled and trained people to get the job done successfully. As report mentions ‘Public organizations struggle with staff retention due to strong competition with industry in attracting cybersecurity talents’, but the uneasy truth is that even industry has great difficulty in recruiting the right staff to deal with defense mechanisms as efficiently as cybercriminals make cyber-attacks.
The next steps in the cybersecurity strategy
To address the issue of cybersecurity effectively, ENISA recently took a big step in terms of efficient European cooperation. ENISA has taken the opportunity to work closely with its partner organizations: the European Defense Agency EDA, the European Union Agency for Law Enforcement Cooperation Europol, and the Computer Emergency Response Team for the E.U. Institutions, Agencies and Bodies CERT-EU. In this regard, ENISA has signed a memorandum of understanding, which establishes a framework promoting cooperation on cybersecurity and defense.
This memorandum gave effect to the political direction expressed in the ‘Council conclusions on resilience, deterrence and defense: Building strong cybersecurity for the E.U.’on November 20th, 2017, that relevant Agencies and bodies should cooperate. It focuses on five areas of cooperation, namely exchange of information, education and training, cyber exercises, technical cooperation, and strategic and administrative matters. It also allows for cooperation in other areas identified as mutually important by the four organizations.
This cooperation will ensure the best possible use of existing resources through avoiding duplicative efforts and building on the complementarity of ENISA, EDA, EC3 and CERT-EU. It will focus on delivering strong added value to the Member States without putting any additional burden on them. Cybersecurity is a shared responsibility, and it is only by cooperating closely with all relevant stakeholders that the E.U. has a chance to address cybersecurity challenges.
Just a couple of months ago, Dr. Helmbrecht met with his partners and agreed on a concrete roadmap for the upcoming months focused on joint activities and deliverables. The important point that came out is closer attention on the areas of training and cyber exercises, building the cooperation capacity and the improved exchange of information on respective projects and events with a view to complementing the work of the four partners and avoiding the duplication of efforts. Lastly, he added ‘I foresee increased cooperation with our memorandum partners in our next cyber exercise Cyber Europe 2020, as well as in other related technical exercises, which ENISA will organize. We are determined to take this cooperation to the next level.’