A Surge in Cybercriminality? The Annual ENISA Threat Landscape Report – 9th Edition

According to EU Agency for Cybersecurity Executive Director Juhan Lepassaar, “Given the prominence of ransomware, having the right threat intelligence at hand will help the whole cybersecurity community to develop the techniques needed to best prevent and respond to such type of attacks. Such an approach can only rally around the necessity now emphasized by the European Council conclusions to reinforce the fight against cybercrime and ransomware more specifically.”

en flag
nl flag
et flag
fi flag
fr flag
de flag
he flag
ja flag
lv flag
pl flag
pt flag
ru flag
es flag

Content Assessment: The Annual ENISA Threat Landscape Report – 9th Edition

Information - 95%
Insight - 95%
Relevance - 95%
Objectivity - 95%
Authority - 100%

96%

Excellent

A short percentage-based assessment of the qualitative benefit of the recently published European Union Agency for Cybersecurity (ENISA) report on the cybersecurity threat landscape.

Editor’s Note: The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. In October of 2021, ENISA published the ninth edition of the ENISA Threat Landscape (ETL) report. The report provides a general overview of the cybersecurity threat landscape and is partly strategic and partly technical, with information relevant to both technical and nontechnical readers. This new report may be beneficial for cybersecurity, information governance, and legal discovery professionals operating in the eDiscovery ecosystem as they consider cyber discovery through the lens of increasing cyber threats.


Press Announcement And Report*

Hackers-for-Hire Drive the Evolution of the New ENISA Threat Landscape

The 9th edition of the ENISA Threat Landscape (ETL) report released by the European Union Agency for Cybersecurity highlights the surge in cybercriminality motivated by monetization using ransomware or cryptojacking.

The ENISA Threat Landscape 2021 (ETL) report is the annual report of the EU Agency for Cybersecurity, ENISA, on the state of the cybersecurity threat landscape. The 9th edition released today covers a period of reporting starting from April 2020 up to July 2021.

Cybersecurity threats are on the rise. Ransomware ranks as a prime threat for the reporting period. For each of the identified threats, attack techniques, notable incidents, and trends are identified alongside recommendations. The new report also features a list of trends concerning threat actors.

EU Agency for Cybersecurity Executive Director, Juhan Lepassaar stated that “Given the prominence of ransomware, having the right threat intelligence at hand will help the whole cybersecurity community to develop the techniques needed to best prevent and respond to such type of attacks. Such an approach can only rally around the necessity now emphasized by the European Council conclusions to reinforce the fight against cybercrime and ransomware more specifically.”

The cybersecurity threat landscape has grown in terms of sophistication of attacks, complexity and impact. Such a trend is spurred by an ever-growing online presence, the transitioning of traditional infrastructures to online solutions, advanced interconnectivity, and the exploitation of new features of emerging technologies.

Without surprise, supply-chains attacks rank highly among prime threats because of the significant potential they have in inducing catastrophic cascading effects. The risk is such that ENISA recently produced a dedicated threat landscape report for this specific category of threat.

The 9 top threats

9 threat groups were identified due to their prominent materialization over the reporting period.

  1. Ransomware;
  2. Malware;
  3. Cryptojacking;
  4. E-mail related threats;
  5. Threats against data;
  6. Threats against availability and integrity;
  7. Disinformation – misinformation;
  8. Non-malicious threats;
  9. Supply-chain attacks.

Key trends

The COVID-19 crisis has created possibilities for adversaries who used the pandemic as a dominant lure in campaigns for email attacks for instance. Monetization appears to be the main driver of such activities.

The techniques that threat actors are resorting to are numerous. The non-exhaustive list below presents some of the most prevalent ones identified in the report, across all threats:

  • Ransomware as a Service (RaaS)-type business models;
  • Multiple extortion ransomware schemes;
  • Business Email Compromise (BEC);
  • Phishing-as-a-service (PhaaS);
  • Disinformation-as-a-Service (DaaS) business model; etc.

Focus on three threats

  • Ransomware

Ransomware is a type of malicious attack where attackers encrypt an organization’s data and demand payment to restore access. Ransomware has been the prime threat during the reporting period, with several high-profile and highly publicized incidents. The significance and impact of the threat of ransomware is also evidenced by a series of related policy initiatives in the European Union (EU) and worldwide.

Compromise through phishing e-mails and brute-forcing on Remote Desktop Protocol (RDP) services remain the two most common infection vectors. The occurrence of triple extortion schemes also increased strongly during 2021 and cryptocurrency remains the most common pay-out method for threat actors.

  • Cryptojacking infections

Cryptojacking or hidden cryptomining is a type of cybercrime where a criminal secretly uses a victim’s computing power to generate cryptocurrency. With the proliferation of cryptocurrencies and their ever-increasing uptake by the wider public, an increase in corresponding cybersecurity incidents has been observed. Cryptocurrency remains the most common pay-out method for threat actors.

  • Misinformation and disinformation

This type of threat makes its first appearance in the ENISA threat landscape report.

Disinformation and misinformation campaigns are on the rise as a result of the increased online presence due to the COVID-19 pandemic logically leading to an overuse of social media platforms and online media.

Such threats are of paramount importance in the cyber world. Disinformation and misinformation campaigns are frequently used in hybrid attacks to foster doubt or create confusion, therefore reducing the overall perception of trust as a consequence and damaging this major proponent of cybersecurity in the process.

Threat actors: who are they?

Cyber threat actors are an integral component of the threat landscape. They are entities aiming to carry out a malicious act by taking advantage of existing vulnerabilities, with the intent to do harm to their victims. Understanding how threat actors think and act, what their motivations and goals are, is an important step towards a stronger cyber incident response. Monitoring the latest developments with respect to the tactics and techniques used by threat actors to achieve their objectives is crucial for an efficient defense in today’s cybersecurity ecosystem. Such threat assessment allows us to prioritize security controls and devise an adequate strategy based on the potential impact and likelihood of threat materialization.

For the purposes of the ETL 2021, focus was given to four categories of cybersecurity threat actors: state-sponsored, cybercrime, hacker-for-hire actors, and hacktivists.

Background

The ETL report maps the cyber threat landscape in a means to help decision-makers, policy-makers and security specialists define strategies to defend citizens, organizations and cyberspace.

This work is part of the EU Agency for Cybersecurity’s annual work program to provide strategic intelligence to its stakeholders.

The report’s content is gathered from open sources such as media articles, expert opinions, intelligence reports, incident analysis and security research reports; as well as through interviews with members of the ENISA Cyber Threat Landscapes Working Group (CTL working group).

From the information collected, the Agency produces its own analysis and views of the threat landscape that are meant to be industry and vendor neutral.

Further Information


Complete Report: ENISA Threat Landscape 2021 (PDF) – Mouseover to Scroll

ENISA Threat Landscape 2021

Read the original paper.

*Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.


Additional Reading

Source: ComplexDiscovery

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

ComplexDiscovery is an online publication that highlights cyber, data and legal discovery insight and intelligence ranging from original research to aggregated news for use by cybersecurity, information governance, and eDiscovery professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding cyber, data and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of cyber, data and legal discovery organizations. Focused primarily on supporting the ComplexDiscovery publication, the company is registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world. The company operates virtually worldwide to deliver marketing consulting and services.

From Russia (and China) with Love? The UK National Cyber Security Centre Annual Review

According to the NCSC Annual Review, China remained a highly sophisticated...

New Federal Government Cybersecurity Incident and Vulnerability Response Playbooks

According to Matt Hartman, Deputy Executive Assistant Director for Cybersecurity, "The...

A Surge in Cybercriminality? The Annual ENISA Threat Landscape Report – 9th Edition

According to EU Agency for Cybersecurity Executive Director Juhan Lepassaar, “Given...

Considering Zero Trust? November 2021 Cyber Events Report from NATO CCDCOE

Computer security professionals love to say that there is no such...

Epiq Acquires Simplex

According to the release, the acquisition will increase the overall scale...

A Long Runway? KLDiscovery Files for Initial Public Offering

On Tuesday, November 23, 2021, KLDiscovery took a strong step toward...

Modus Secures Working Capital Facility from J.P. Morgan

According to Steven Horan, Chairman, and CEO of Modus, “Having the...

Driven and Innovative Discovery Merge

According to the announcement, Silver Oak Services Partners, a private equity...

An eDiscovery Market Size Mashup: 2021-2026 Worldwide Software and Services Overview

From market retraction in 2020 to resurgence in 2021, the worldwide...

A New Era in eDiscovery? Framing Market Growth Through the Lens of Six Eras

There are many excellent resources for considering chronological and historiographical approaches...

An eDiscovery Market Size Mashup: 2020-2025 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Resetting the Baseline? eDiscovery Market Size Adjustments for 2020

An unanticipated pandemeconomic-driven retraction in eDiscovery spending during 2020 has resulted...

Five Great Reads on Cyber, Data, and Legal Discovery for November 2021

From worldwide eDiscovery market sizing and discovery intelligence to cybersecurity playbooks...

Five Great Reads on Cyber, Data, and Legal Discovery for October 2021

From artificial intelligence and predictive coding to eDiscovery business confidence and...

Five Great Reads on Cyber, Data, and Legal Discovery for September 2021

From countering ransomware to predictive coding and packaged services, the September...

Five Great Reads on Cyber, Data, and Legal Discovery for August 2021

From the interplay of digital forensics in eDiscovery to collecting online...

Alternative Reality? Winter 2022 eDiscovery Pricing Survey Results

Based on the complexity of data and legal discovery, it is...

Calm Before the Storm? Eighteen Observations on eDiscovery Business Confidence in the Fall of 2021

In the fall of 2021, 71.2% of survey respondents felt that...

Help Wanted? Issues Impacting eDiscovery Business Performance: A Fall 2021 Overview

In the fall of 2021, 27.4% of respondents viewed lack of...

Harvest Time? eDiscovery Operational Metrics in the Fall of 2021

In the fall of 2021, 67 eDiscovery Business Confidence Survey participants...