The European Union Agency for Cybersecurity (ENISA) has recently released the 2024 Threat Landscape Report, a comprehensive analysis of cybersecurity trends from July 2023 to June 2024. The report highlights significant increases in cyber incidents and details the evolving strategies of cybercriminals.
📍 Top Cyber Threats
ENISA identifies seven main categories of cyber threats:
Denial of Service (DDoS) Attacks
DDoS attacks surged past ransomware, becoming the most frequent type of attack, representing a significant portion of the over 11,000 security incidents analysed. These attacks disrupt the availability of services, often causing operational downtime.
Ransomware
Despite being surpassed by DDoS, ransomware remains a dominant threat, where criminals hold data or services hostage in exchange for a ransom. The rise of Malware-as-a-Service (MaaS) has contributed to an increase in ransomware attacks, with both businesses and public sectors as primary targets.
Malware
ENISA emphasises that malware continues to play a key role in many cyberattacks, compromising confidentiality, integrity, and availability of systems.
Social Engineering
Human error remains a common vulnerability, exploited through techniques like phishing to gain unauthorised access to sensitive information.
Supply Chain Attacks
These attacks, where attackers target service providers to infiltrate organisations, are becoming more prevalent, with open-source projects being particularly vulnerable.
Information Manipulation
Particularly in the context of geopolitical conflicts, information manipulation is increasingly used to spread misinformation or influence public opinion.
Data Breaches
Attacks aimed at stealing or compromising data continue to rise, leading to significant security and privacy concerns.
📍 Notable Trends
Sectoral Impact
Public Administration (19% of all attacks) and the Transport sector (11%) were the most targeted sectors, followed by Banking/Finance (9%) and Business Services (8%).
Exploitation of AI Tools
Criminals are increasingly using generative AI technologies to craft sophisticated phishing emails and malicious code, making attacks more credible and difficult to detect.
Advanced Evasion Techniques
Cybercriminals are adopting techniques like Living Off The Land (LOTL), using trusted platforms (e.g., Slack, Telegram) to carry out malicious activities, blending into legitimate traffic to avoid detection.
📍 Vulnerabilities and Defensive Gaps
Over 19,700 vulnerabilities were identified during the reporting period, with 9.3% classified as "critical" and 21.8% as "high-risk." The growing complexity of threats highlights the increasing pressure on cybersecurity teams to respond effectively to a rapidly evolving landscape.
📍 Motivations Behind Attacks
ENISA categorises cyberattacks based on the primary motivations of threat actors:
Financial Gain
Most cybercrime activity is profit-driven, including ransomware, data theft, and fraud.
Disruption
DDoS attacks aimed at disrupting services represent the second most common motive.
Espionage and Ideology
State-sponsored attacks driven by espionage or hacktivist causes are rising, reflecting the growing intersection of cyberattacks with geopolitical goals.
The 2024 ENISA Cyber Threat Landscape Report points out the increasingly sophisticated and varied nature of cyber threats, with a notable shift towards more frequent DDoS attacks and the exploitation of AI.
The report calls for heightened vigilance, enhanced cybersecurity measures, and international cooperation to address the ever-growing threat to digital infrastructure.
The full ENISA 2024 Threat Landscape Report is available for download here: https://www.enisa.europa.eu/publications/enisa-threat-landscape-2024