• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • Facebook
  • Instagram
  • LinkedIn
  • TikTok
  • Twitter
  • YouTube
CDE Almería – Centro de Documentación Europea – Universidad de Almería

CDE Almería - Centro de Documentación Europea - Universidad de Almería

Centro de Documentación Europea de la Universidad de Almería

  • HOME
  • WHAT´S ON
    • EU BULLETINS
    • EU NEWS
    • Activities
    • EU Calls and Awards
    • Radio Program «Europe with You»
  • DOCUMENTATION
    • Bibliographic Collection
      • Almería EDC Digital Collection
      • UNIVERSITY OF ALMERIA LIBRARY
    • Documentation by topic
    • EU Media Collection
      • Web Space
      • MEDIATHEQUE REPOSITORY
  • Europe on the net
    • Institutions
    • EU Representation in Spain
    • European information network of Andalusia
    • EU official journal
  • ABOUT US
    • Presentation
    • People
    • Contact
  • English
  • Spanish

The cybersecurity threat landscape

Inicio » EU News » Defence & Security » Cybersecurity » The cybersecurity threat landscape

3 de November de 2021

The cybersecurity threat landscape has grown in terms of sophistication of attacks, complexity and impact. Such a trend is spurred by an ever-growing online presence, the transitioning of traditional infrastructures to online solutions, advanced interconnectivity and the exploitation of new features of emerging technologies.

 

Without surprise, supply-chains attacks rank highly among prime threats because of the significant potential they have in inducing catastrophic cascading effects. The risk is such that ENISA recently produced a dedicated threat landscape report for this specific category of threat.

The 9 top threats

9 threat groups were identified due to their prominent materialisation over the reporting period.

  1. Ransomware;
  2. Malware;
  3. Cryptojacking;
  4. E-mail related threats;
  5. Threats against data;
  6. Threats against availability and integrity;
  7. Disinformation – misinformation;
  8. Non-malicious threats;
  9. Supply-chain attacks.

Key trends

The COVID-19 crisis has created possibilities for adversaries who used the pandemic as a dominant lure in campaigns for email attacks for instance. Monetisation appears to be the main driver of such activities.

The techniques that threat actors are resorting to are numerous. The non-exhaustive list below presents some of the most prevalent ones identified in the report, across all threats:

  • Ransomware as a Service (RaaS)-type business models;
  • Multiple extortion ransomware schemes;
  • Business Email Compromise (BEC);
  • Phishing-as-a-service (PhaaS);
  • Disinformation-as-a-Service (DaaS) business model; etc.

Focus on three threats

  • Ransomware

Ransomware is a type of malicious attack where attackers encrypt an organisation’s data and demand payment to restore access. Ransomware has been the prime threat during the reporting period, with several high profile and highly publicised incidents. The significance and impact of the threat of ransomware is also evidenced by a series of related policy initiatives in the European Union (EU) and worldwide.

Compromise through phishing e-mails and brute-forcing on Remote Desktop Protocol (RDP) services remain the two most common infection vectors. The occurrence of triple extortion schemes also increased strongly during 2021 and cryptocurrency remains the most common pay-out method for threat actors.

  • Cryptojacking infections

Cryptojacking or hidden cryptomining is a type of cybercrime where a criminal secretly uses a victim’s computing power to generate cryptocurrency. With the proliferation of cryptocurrencies and their ever-increasing uptake by the wider public, an increase in corresponding cybersecurity incidents has been observed. Cryptocurrency remains the most common pay-out method for threat actors.

  • Misinformation and disinformation

This type of threats makes its first appearance in the ENISA threat landscape report.

Disinformation and misinformation campaigns are on the rise as a result of the increased online presence due to the COVID-19 pandemic logically leading to an overuse of social media platforms and online media.

Such threats are of paramount importance in the cyber world. Disinformation and misinformation campaigns are frequently used in hybrid attacks to foster doubt or create confusion, therefore reducing the overall perception of trust as a consequence and damaging this major proponent of cybersecurity in the process.

Threat actors: who are they?

Cyber threat actors are an integral component of the threat landscape. They are entities aiming to carry out a malicious act by taking advantage of existing vulnerabilities, with the intent to do harm to their victims. Understanding how threat actors think and act, what their motivations and goals are, is an important step towards a stronger cyber incident response. Monitoring the latest developments with respect to the tactics and techniques used by threat actors to achieve their objectives is crucial for an efficient defence in today’s cybersecurity ecosystem. Such threat assessment allows us to prioritise security controls and devise an adequate strategy based on the potential impact and likelihood of threat materialisation.

For the purposes of the ETL 2021, focus was given to four categories of cybersecurity threat actors: state-sponsored, cybercrime, hacker-for-hire actors and hacktivists.

More information

ENISA – Press release

Publicaciones relacionadas:

Radicalisation in the EU: what is it? How can it be prevented? International sting against dark web vendors leads to 179 arrests estadio de futbolStop illegal live sports streaming, urge MEPs Child abuse on the dark web, how to detect it Campo de fútbolHow to put an end to piracy in sports broadcasting

“This is a space for debate. All comments, for or against publication, that are respectful and do not contain expressions that are discriminatory, defamatory or contrary to current legislation will be published”.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

Publicaciones relacionadas


Radicalisation in the EU: what is it? How can it be prevented?


International sting against dark web vendors leads to 179 arrests


estadio de futbolStop illegal live sports streaming, urge MEPs


Child abuse on the dark web, how to detect it


Campo de fútbolHow to put an end to piracy in sports broadcasting

Footer

Logotipo en negativo del Centro de Documentación Europea de Almería
  • CDE Almería
  • Edificio Parque Científico-Tecnológico (Pita)
  • Planta: 1ª, Despacho: 2904120.
  • Ctra. Sacramento s/n. Almería (Spain)
  • Teléfono: (+34) 950 015266

HOME
NEWS
DOCUMENTATION
EUROPE ON THE NET
ABOUT US

  • LEGAL NOTICE
  • PRIVACY POLICY
  • COOKIE POLICY
  • ACCESSIBILITY
  • SITEMAP

Copyright © 2023 CDE Almería · Creative Commons LicenseThis work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

<p>El Centro de Documentación Europea de la Universidad de Almería utiliza cookies propias y de terceros para facilitar al usuario la navegación en su página Web y el acceso a los distintos contenidos alojados en la misma. Asimismo, se utilizan cookies analíticas de terceros para medir la interacción de los usuarios con el sitio Web. Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. ajustes</p>

Politica de privacidad

El Centro de Documentación Europea de la Universidad de Almería utiliza cookies propias y de terceros para facilitar al usuario la navegación en su página Web y el acceso a los distintos contenidos alojados en la misma. Asimismo, se utilizan cookies analíticas de terceros para medir la interacción de los usuarios con el sitio Web. Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. <a href="/politica-de-cookies" rel="noopener" target="_blank">Más información</a>

Cookies estrictamente necesarias

Las cookies estrictamente necesarias tiene que activarse siempre para que podamos guardar tus preferencias de ajustes de cookies.

Básicamente la web no funcionara bien si no las activas.

Estas cookies son:

  • Comprobación de inicio de sesión.
  • Cookies de seguridad.
  • Aceptación/rechazo previo de cookies.

Si desactivas esta cookie no podremos guardar tus preferencias. Esto significa que cada vez que visites esta web tendrás que activar o desactivar las cookies de nuevo.

Cookies de terceros

Esta web utiliza Google Analytics, Google Tag Manager y Yandex Metrika para recopilar información anónima tal como el número de visitantes del sitio, o las páginas más populares.

Dejar estas cookies activas nos permite mejorar nuestra web.

¡Por favor, activa primero las cookies estrictamente necesarias para que podamos guardar tus preferencias!

Política de cookies

Pinche el siguiente enlace si desea información sobre el uso de cookies y como deshabilitarlas. Más información