ENISA’s Threat Landscape Report for 2023, 11th Edition: Key Highlights

ENISA, the European Agency for Cybersecurity, issues an annual report known as the ENISA Threat Landscape (ETL) report, providing insights into the state of the cybersecurity environment. The recently released 11th edition covers key developments, threats, and risks within the global cybersecurity landscape from July 2022 to July 2023.

Key Aspects of the Threat Landscape:

1. Top cybersecurity threats.
2. Major trends in information security.
3. Threat actors.
4. Attack techniques.
5. Impact of geopolitical events on the threat landscape.
6. Rise in malicious activities, including hacktivism and cyber warfare.
7. Suggested measures for cybercrime mitigation and cyber resilience.
8. The impact of AI on cybercrime and information manipulation.

Top Findings of the 11th ETL Report:

1. Rise in Cyber Attacks and Ransomware Attacks:
   • Documented around 2,580 cyber incidents from July 2022 to June 2023.
   • Notable impact on public administrations (19%) and health (8%).
   • Cascading effects often triggered due to interdependencies across sectors.
2. Top Cybersecurity Threats:
   • Categorized threats into 8 groups, with ransomware (34%) and DDoS attacks (28%) leading.
   • Specific sectors targeted, including manufacturing (14%) and health (13%).
3. Trends on Threat Actors:
   • Evolving trends in state-nexus actors, including a rise in hacktivism.
   • Collaboration between state-nexus actors and cybercriminals.
   • Motivations primarily driven by financial gain and disruption.
4. The Threat of AI, Information Manipulation & Social Engineering:
   • Increasing threat of Information Manipulation due to AI tools and social engineering.
   • 30% of social engineering attacks targeted the general public.
   • Information manipulation campaigns pose a significant threat to the electoral process.

Conclusion:The latest ENISA Threat Landscape report underscores the dynamic and evolving nature of cyber threats, reflecting a period marked by significant developments in cybersecurity challenges. It highlights the escalating complexity and frequency of cyber incidents, with a notable increase in ransomware and DDoS attacks affecting various sectors, especially public administrations and healthcare. The collaboration between state-affiliated actors and cybercriminals, along with the rise in AI-driven information manipulation and social engineering tactics, emphasizes the need for heightened awareness and proactive measures in cybersecurity.

This comprehensive overview provided by the ENISA report serves as a vital tool for understanding the current state of cyber threats, offering valuable insights for organizations to refine their strategies in cybercrime mitigation and resilience building. In this context, staying informed and vigilant is imperative for all stakeholders in the cybersecurity ecosystem, from policymakers to businesses, to effectively navigate and counter these evolving threats.