Enisa (the European Union Agency for Cybersecurity) has recently published the eighth edition of its Threat Landscape Report (ETL) on cyber threats registered in the period between January 2019 and April 2020, describing the evolution of the current cybersecurity scenario in Europe and emphasizing in particular the serious effects of the Coronavirus pandemic on the sector.
Overview of the Enisa 2020 report
The new ETL-Enisa Threat Landscape 2020 report was produced with the support of the European Commission and EU Member States. The content of the ETL report is primarily based on literature available from open sources, such as articles, expert opinions, intelligence reports, security incident analysis and research reports, but Enisa’s team also conducted interviews with members of the ETL stakeholder group who are experts in the field and with various components of the European Cyber Threat Intelligence community. The document, as already mentioned, dedicates ample space to the effects of the Covid-19 pandemic, but also talks about other trends that were already present and how the health emergency has only contributed to their spread and further aggravation. In particular, the report points out that attacks that exploit ransomware are spreading rapidly, precisely because obtaining a large reward is still the driving force behind numerous attacks. In addition, Enisa’s experts have highlighted the fact that attacks aimed at high-value targets, for example those launched to obtain state secrets, are often organized by state-sponsored thugs, who carry out real operations of “cyber warfare”.
The repercussions of the pandemic
The Covid-19 pandemic has forced countries to adopt digital systems on a large and improvised scale that would allow them to manage some aspects of the crisis, such as the coordination of health services, the adoption of smart-working regimes, training at a distance, interpersonal communication, tracking of infections and many others. This sudden change has created many problems in the area of cybersecurity, given that in recent months, cyber threats have spread precisely due to the increase in internet traffic and the greater use of certain digital platforms. In fact, the Enisa report shows that the pandemic has significantly and directly influenced the current situation in cyberspace, leading to an increase in phenomena such as cyber bullying and the spread of fake e-commerce sites. Furthermore, the victims of phishing in Europe are constantly growing and Covid-19 is exploited both as a theme of deceptive messages containing malicious links, and as bait for online scams aimed at SMEs or large companies. Given that the Coronavirus pandemic is not yet under control, it is expected to continue to challenge cyber security professionals and influence the cyber threat landscape for a long time to come.
The 15 Top Threats in today’s cyberspace
The ranking of the 15 most common cyber threats from January 2019 to April 2020 according to Enisa’s analysis is this:
- Web-based Attacks
- Web application attacks
- Denial of service
- Identity theft
- Data breaches
- Insider threat
- Physical manipulation, damage, theft and loss
- Information leakage
If Malware was already the most widespread threat in 2018, other types such as web-based attacks, Phishing and Ransomware have grown in the last period. It is obviously still too early to quantify the effects of the pandemic on each type of threat in a precise manner, but it is evident that certain trends have been strongly influenced by the context in which we currently find ourselves. In conclusion, one can say that the data presented in the report serves to reinforce what the fundamental message that the European agency has already launched during the “cybersecurity month” that has just passed is, namely that cyberspace must quickly be made reliable and secure, because the “new normal” of post Covid depends on it.