The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2022 (ETL) report, which is the annual analysis of the state of the cybersecurity threat landscape.
This is the 10th edition of the annual report and analyzes events that took place between July 2021 and July 2022.
The report highlights the impact of the geopolitical context on thethreat landscape, during the above period ENISA experts observed the rise in malicious activities associated with cyberwarfare and hacktivism.
The geopolitical situations, particularly the ongoing Russian invasion of Ukraine, caused a significant increase in the number of state-sponsored attacks with cyberespionage, sabotage, and misinformation purposes. Another alarming trend that emerged from the report is the increase in the number of threats, the experts observed a proliferation of zero-day exploits and AI-enabled disinformation and deepfakes.
Ransomware continues to be one of the most dangerous threats for organizations worldwide, more than 10 terabytes of data are stolen monthly. According to the report, phishing campaigns are not identified as the most common initial vector of such ransomware attacks.
Below is the list of the top threats during the reporting period of the ETL 2022:
“Today’s global context is inevitably driving major changes in the cybersecurity threat landscape. The new paradigm is shaped by the growing range of threat actors. We enter a phase which will need appropriate mitigation strategies to protect all our critical sectors, our industry partners and therefore all EU citizens.” said EU Agency for Cybersecurity Executive Director, Juhan Lepassaar.
For each of the identified threats, the report proposed attack techniques, notable incidents and trends, the document also includes mitigation measures.
Below are the categories of threat actors analyzed in the report:
The ENISA Threat Landscape 2022 includes an impact assessment of cyber threats that reveals 5 types of impact:
“The ETL report maps the cyber threat landscape to help decision-makers, policy-makers and security specialists define strategies to defend citizens, organisations and cyberspace. This work is part of the EU Agency for Cybersecurity’s annual work programme to provide strategic intelligence to its stakeholders.” states the announcement. “The report’s content is gathered from open sources such as media articles, expert opinions, intelligence reports, incident analysis and security research reports; as well as through interviews with members of the ENISA Cyber Threat Landscapes Working Group (CTL working group).”
Enjoy the report:
(SecurityAffairs – hacking, ENISA Threat Landscape 2022)