ENISA Cyber Threat Landscape Report 2024: Key Findings

The report highlights significant increases in cyber incidents and details the evolving strategies of cybercriminals.
27 September 2024 by
ENISA Cyber Threat Landscape Report 2024: Key Findings
Data Rover, Ltd

The European Union Agency for Cybersecurity (ENISA) has recently released the 2024 Threat Landscape Report, a comprehensive analysis of cybersecurity trends from July 2023 to June 2024. The report highlights significant increases in cyber incidents and details the evolving strategies of cybercriminals.



📍 Top Cyber Threats


ENISA identifies seven main categories of cyber threats:


Denial of Service (DDoS) Attacks 

DDoS attacks surged past ransomware, becoming the most frequent type of attack, representing a significant portion of the over 11,000 security incidents analysed. These attacks disrupt the availability of services, often causing operational downtime.


Ransomware

Despite being surpassed by DDoS, ransomware remains a dominant threat, where criminals hold data or services hostage in exchange for a ransom. The rise of Malware-as-a-Service (MaaS) has contributed to an increase in ransomware attacks, with both businesses and public sectors as primary targets.


Malware 

ENISA emphasises that malware continues to play a key role in many cyberattacks, compromising confidentiality, integrity, and availability of systems.


Social Engineering 

Human error remains a common vulnerability, exploited through techniques like phishing to gain unauthorised access to sensitive information.


Supply Chain Attacks 

These attacks, where attackers target service providers to infiltrate organisations, are becoming more prevalent, with open-source projects being particularly vulnerable.


Information Manipulation 

Particularly in the context of geopolitical conflicts, information manipulation is increasingly used to spread misinformation or influence public opinion.


Data Breaches 

Attacks aimed at stealing or compromising data continue to rise, leading to significant security and privacy concerns.



📍 Notable Trends


Sectoral Impact 

Public Administration (19% of all attacks) and the Transport sector (11%) were the most targeted sectors, followed by Banking/Finance (9%) and Business Services (8%).


Exploitation of AI Tools 

Criminals are increasingly using generative AI technologies to craft sophisticated phishing emails and malicious code, making attacks more credible and difficult to detect.


Advanced Evasion Techniques 

Cybercriminals are adopting techniques like Living Off The Land (LOTL), using trusted platforms (e.g., Slack, Telegram) to carry out malicious activities, blending into legitimate traffic to avoid detection.



📍 Vulnerabilities and Defensive Gaps


Over 19,700 vulnerabilities were identified during the reporting period, with 9.3% classified as "critical" and 21.8% as "high-risk." The growing complexity of threats highlights the increasing pressure on cybersecurity teams to respond effectively to a rapidly evolving landscape.


📍 Motivations Behind Attacks


ENISA categorises cyberattacks based on the primary motivations of threat actors:


Financial Gain

Most cybercrime activity is profit-driven, including ransomware, data theft, and fraud.


Disruption 

DDoS attacks aimed at disrupting services represent the second most common motive.


Espionage and Ideology 

State-sponsored attacks driven by espionage or hacktivist causes are rising, reflecting the growing intersection of cyberattacks with geopolitical goals.


The 2024 ENISA Cyber Threat Landscape Report points out the increasingly sophisticated and varied nature of cyber threats, with a notable shift towards more frequent DDoS attacks and the exploitation of AI. 


The report calls for heightened vigilance, enhanced cybersecurity measures, and international cooperation to address the ever-growing threat to digital infrastructure.



The full ENISA 2024 Threat Landscape Report is available for download here:   https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024

Your data, your success.


Contact Us

Labels
Archive