A long road is ahead to reach a more secure digital environment, warns the European Union Agency for Cybersecurity (ENISA). This is mainly due to the weakening of cybersecurity due to changes in working and infrastructure patterns caused by the Covid-19 pandemic. This global phenomenon has led to a surge in cyber criminals’ personalised attacks. That’s according to the eighth annual ENISA Threat Landscape (ETL) 2020 report, on the top cyber threats for January 2019 to April 2020.
This year’s publication is divided into 22 reports, available in pdf form and ebook; covered are new tech such as 5G, the internet of things and smart cars; and emerging threats. The combined report lists the major change from the 2018 threat landscape as the COVID-19-led transformation of digital use. During the pandemic, cyber criminals have been seen adapting quickly and targeting victim groups more effectively, says ENISA. From copycats of popular brands websites to fraudulent services that never deliver the merchandise, the coronavirus revealed weaknesses in the trust model used in online shopping. Cyberbullying and sextortion incidents increased with the pandemic as mobile technology and subscription to digital platforms makes younger generations more vulnerable to these types of threats. Malicious actors are using social media platforms for targeted attacks.
While financial reward is the main motive for most cyber attacks, as for targeted and persistent attacks on high-value data, such as intellectual property and state secrets, attacks are by ‘state-sponsored actors’. Many cybersecurity incidents still go unnoticed or take a long time to be detected.
As tech keeps diversifying, the number of potential vulnerabilities in a virtual or physical environment continues to expand, says the agency, based in Athens and Crete.
EU Agency for Cybersecurity Executive Director Juhan Lepassaar said: “Cyber threats are evolving and becoming increasingly complex. This is not new. The Agency has developed the latest ‘ENISA Threat Landscape’ into a more user-friendly format meeting the needs of its beneficiaries who can use it to advance their readiness and target the response better.”
The top 15 cyber threat reports are of a technical nature, and include findings, major incidents and statistics. The threat reports cover:
Malware
Web-based Attacks
Phishing
Web Application Attacks
SPAM
Distributed Denial of Service (DDoS)
Identity Theft
Data Breach
Insider Threat
Botnets
Physical Manipulation, Damage, Theft and Loss
Information Leakage
Ransomware
Cyber Espionage
Cryptojacking.
Visit https://www.enisa.europa.eu/topics/threat-risk-management/threats-and-trends.
