ENISA’s Threat Landscape Report 2022 – Part 1 – Introduction
For the past ten years, ENISA – The European Union Agency for Cybersecurity – has been comprising an annual report on the status of the cybersecurity threat landscape. The document outlines the most significant threats, notable patterns concerning them, the individuals and methods behind the threats, and an analysis of the potential impact and underlying motivations. Additionally, it provides information on relevant measures to mitigate the risks.
The current report from November 2022 identifies the following prime threats
3. Social Engineering threats
4. Threats against data
5. Threats against availability: Denial of Service
6. Threats against availability: Internet threats
7. Disinformation – misinformation
8. Supply-chain attacks
Mitigation measures are suggested for each of the identified threats, along with notable incidents, trends, and attack techniques associated with them.
Threat Landscape 2022 specific trends
Having prepared the 2022 report the authors flagged up four trends specific to it.
1. Impact of geopolitics on the cybersecurity threat landscape
- Throughout the reporting period, the conflict between Russia and Ukraine had a significant impact on the threat landscape. Noteworthy shifts included a marked rise in hacktivist activity, instances of cyber operations coinciding with kinetic military action, and the activation of hacktivists, cybercriminals, and nation-state groups providing assistance during the conflict.
- Destructive attacks are a prominent component of the operations of state actors.
- Disinformation became an even stronger tool in cyber warfare.
2. Threat actors increasing their capabilities
- Resourceful threat actors have been employing 0-day exploits to accomplish their operational and strategic objectives. As organisations bolster their defences and cybersecurity programs, adversaries face higher costs, which compels them to acquire or create 0-day exploits.
- Ransomware groups are resorting to continuous “retirements” and rebranding tactics as a means to evade law enforcement and sanctions.
- The “Hacker-as-a-Service” business model has been gaining momentum and growing since 2021.
- Threat groups are demonstrating a growing interest and capability in conducting supply chain attacks and targeting Managed Services Providers (MSPs).
3. During the reporting period, ransomware and attacks affecting availability were ranked as the most significant
- DDoS attacks are becoming more frequent, increasingly massive, and intricate, with a shift toward mobile networks and the Internet of Things (IoT), and are now being utilized within the context of cyber warfare.
- Phishing, malware, and extortion techniques are on the rise and evolving.
4. The threat landscape is being marked by novel, hybrid, and emerging threats that are having a significant impact
- Consent phishing
- AI-enabled disinformation and deepfakes
In the coming weeks, we will expand on the prime threats of the report.