Threat Landscape

The ENISA Threat Landscape (ETL) report is the annual report of the European Union Agency for Cybersecurity, ENISA, on the state of the cybersecurity threat landscape.

The ENISA Threat Landscape (ETL) report is the annual report of the European Union Agency for Cybersecurity, ENISA, on the state of the cybersecurity threat landscape. In October 2022, ENISA released the 10th edition of the report that covers a period of reporting starting from April 2021 up to July 2022.

The report report identifies prime threats, major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation measures.

Top threats

ENISA sorted threats into 8 groups. Frequency and impact determine how prominent all of these threats still are.

  • Ransomware:
    • 60% of affected organisations may have paid ransom demands
  • Malware:
    • 66 disclosures of zero-day vulnerabilities observed in 2021
  • Social engineering:
    • Phishing remains a popular technique but we see new forms of phishing arising such as spear-phishing, whaling, smishing and vishing
  • Threats against data:
    • Increasing in proportionally to the total of data produced
  • Threats against availability:
    • Largest Denial of Service (DDoS) attack ever was launched in Europe in July 2022;
    • Internet: destruction of infrastructure, outages and rerouting of internet traffic.
  • Disinformation – misinformation:
    • Escalating AI-enabled disinformation, deepfakes and disinformation-as-a-service
  • Supply chain targeting:
    • Third-party incidents account for 17% of the intrusions in 2021 compared to less than 1% in 2020

Main trends

  • Zero-day exploits are the new resource used by cunning threat actors to achieve their goals;
  • A new wave of hacktivism has been observed since the Russia-Ukraine war.
  • DDoS attacks are getting larger and more complex moving towards mobile networks and Internet of Things (IoT) which are now being used in cyberwarfare.
  • AI-enabled disinformation and deepfakes. The proliferation of bots modelling personas can easily disrupt the “notice-and-comment” rulemaking process, as well as the community interaction, by flooding government agencies with fake contents and comments.