Fri. Mar 29th, 2024

Content Assessment: Geopolitical Shakedowns? The Annual ENISA Threat Landscape Report - 10th Edition

Information - 95%
Insight - 96%
Relevance - 93%
Objectivity - 92%
Authority - 94%

94%

Excellent

A short percentage-based assessment of the qualitative benefit of the recent post highlighting the recently published annual threat landscape report by the European Union Agency for Cybersecurity.

Editor’s Note: The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. In November of 2022, ENISA published the tenth edition of the ENISA Threat Landscape (ETL) report. The report maps the cyber threat landscape to help decision-makers, policy-makers, and security specialists define strategies to defend citizens, organizations, and cyberspace. This work is part of the EU Agency for Cybersecurity’s annual work program to provide strategic intelligence to its stakeholders. This new report may benefit cybersecurity, information governance, and legal discovery professionals operating in the eDiscovery ecosystem as they consider cyber discovery through the lens of increasing cyber threats.


Press Announcement And Report*

Volatile Geopolitics Shake the Trends of the 2022 Cybersecurity Threat Landscape

With the geopolitical context giving rise to cyberwarfare and hacktivism, alarming cyber operations and malignant cyberattacks have altered the trends of the 10th edition of the Threat Landscape report released today by the European Union Agency for Cybersecurity (ENISA).

The ENISA Threat Landscape 2022 (ETL) report is the annual report of the EU Agency for Cybersecurity on the state of the cybersecurity threat landscape. The 10th edition covers a period of reporting starting from July 2021 up to July 2022.

With more than 10 terabytes of data stolen monthly, ransomware still fares as one of the prime threats in the new report with phishing now identified as the most common initial vector of such attacks. The other threats to rank highest along ransomware are attacks against availability also called Distributed Denial of Service (DDoS) attacks.

However, the geopolitical situations, particularly the Russian invasion of Ukraine, have acted as a game changer over the reporting period for the global cyber domain. While we still observe an increase in the number of threats, we also see a wider range of vectors emerge, such as zero-day exploits and AI-enabled disinformation and deepfakes. As a result, more malicious and widespread attacks emerge having more damaging impact.

EU Agency for Cybersecurity Executive Director, Juhan Lepassaar stated that “Today’s global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors. We enter a phase which will need appropriate mitigation strategies to protect all our critical sectors, our industry partners and therefore all EU citizens.”

Prominent threat actors remain the same

State sponsored, cybercrime, hacker-for-hire actors and hacktivists remain the prominent threat actors during the reporting period of July 2021 to July 2022.

Based on the analysis of the proximity of cyber threats in relation to the European Union (EU), the number of incidents remains high over the reporting period in the NEAR category. This category includes affected networks, systems, controlled and assured within EU borders. It also covers the affected population within the borders of the EU.

Threat analysis across sectors

Added last year, the threat distribution across sectors is an important aspect of the report as it gives context to the threats identified. This analysis shows that no sector is spared. It also reveals nearly 50% of threats target the following categories; public administration and governments (24%), digital service providers (13%) and the general public (12%) while the other half is shared by all other sectors of the economy.

Top threats still standing their grounds

ENISA sorted threats into 8 groups. Frequency and impact determine how prominent all of these threats still are.

  • Ransomware: 60% of affected organisations may have paid ransom demands
  • Malware: 66 disclosures of zero-day vulnerabilities observed in 2021
  • Social engineering: Phishing remains a popular technique but we see new forms of phishing arising such as spear-phishing, whaling, smishing and vishing
  • Threats against data: Increasing in proportionally to the total of data produced
  • Threats against availability: Largest Denial of Service (DDoS) attack ever was launched in Europe in July 2022; Internet: destruction of infrastructure, outages and rerouting of internet traffic.
  • Disinformation – misinformation: Escalating AI-enabled disinformation, deepfakes and disinformation-as-a-service
  • Supply chain targeting: Third-party incidents account for 17% of the intrusions in 2021 compared to less than 1% in 2020

Contextual trends emerging

  • Zero-day exploits are the new resource used by cunning threat actors to achieve their goals;
  • A new wave of hacktivism has been observed since the Russia-Ukraine war.
  • DDoS attacks are getting larger and more complex moving towards mobile networks and Internet of Things (IoT) which are now being used in cyberwarfare.
  • AI-enabled disinformation and deepfakes. The proliferation of bots modelling personas can easily disrupt the “notice-and-comment” rulemaking process, as well as the community interaction, by flooding government agencies with fake contents and comments.

Shifting motivation and digital impact are driving new trends

An impact assessment of threats reveals 5 types of impact; damages of reputational, digital, economical, physical or social nature. Although for most incidents the impact really remains unknown because victims fail to disclose information or the information remains incomplete.

Prime threats were analysed in terms of motivation. The study reveals that ransomware is purely motivated by financial gains. However, motivation for state sponsored groups can be drawn from geopolitics with threats such as espionage and disruptions. Ideology may also be the motor behind cyber operations by hacktivists.

Background

The ETL report maps the cyber threat landscape to help decision-makers, policy-makers and security specialists define strategies to defend citizens, organisations and cyberspace. This work is part of the EU Agency for Cybersecurity’s annual work programme to provide strategic intelligence to its stakeholders.

The report’s content is gathered from open sources such as media articles, expert opinions, intelligence reports, incident analysis and security research reports; as well as through interviews with members of the ENISA Cyber Threat Landscapes Working Group (CTL working group).

The analysis and views of the threat landscape by ENISA is meant to be industry and vendor-neutral. Information based on OSINT (Open Source Intelligence) and the work of ENISA on Situational Awareness also helped document the analysis presented in the report.

Further Information:

Read the original announcement.


Complete Report: ENISA Threat Landscape 2022 (PDF) – Mouseover to Scroll

ENISA Threat Landscape 2022

Read the original paper.

*Shared with permission under Creative Commons – Attribution 4.0 International (CC BY 4.0) – license.


Additional Reading

Source: ComplexDiscovery

 

Generative Artificial Intelligence and Large Language Model Use

ComplexDiscovery OÜ recognizes the value of GAI and LLM tools in streamlining content creation processes and enhancing the overall quality of its research, writing, and editing efforts. To this end, ComplexDiscovery OÜ regularly employs GAI tools, including ChatGPT, Claude, Midjourney, and DALL-E, to assist, augment, and accelerate the development and publication of both new and revised content in posts and pages published (initiated in late 2022).

ComplexDiscovery also provides a ChatGPT-powered AI article assistant for its users. This feature leverages LLM capabilities to generate relevant and valuable insights related to specific page and post content published on ComplexDiscovery.com. By offering this AI-driven service, ComplexDiscovery OÜ aims to create a more interactive and engaging experience for its users, while highlighting the importance of responsible and ethical use of GAI and LLM technologies.

 

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know, and we will make our response to you a priority.

ComplexDiscovery OÜ is a highly recognized digital publication focused on providing detailed insights into the fields of cybersecurity, information governance, and eDiscovery. Based in Estonia, a hub for digital innovation, ComplexDiscovery OÜ upholds rigorous standards in journalistic integrity, delivering nuanced analyses of global trends, technology advancements, and the eDiscovery sector. The publication expertly connects intricate legal technology issues with the broader narrative of international business and current events, offering its readership invaluable insights for informed decision-making.

For the latest in law, technology, and business, visit ComplexDiscovery.com.