Trends in Security Information
The HSD Trendmonitor is designed to provide access to relevant content on various subjects in the safety and security domain, to identify relevant developments and to connect knowledge and organisations. The safety and security domain encompasses a vast number of subjects. Four relevant taxonomies (type of threat or opportunity, victim, source of threat and domain of application) have been constructed in order to visualize all of these subjects. The taxonomies and related category descriptions have been carefully composed according to other taxonomies, European and international standards and our own expertise.
In order to identify safety and security related trends, relevant reports and HSD news articles are continuously scanned, analysed and classified by hand according to the four taxonomies. This results in a wide array of observations, which we call ‘Trend Snippets’. Multiple Trend Snippets combined can provide insights into safety and security trends. The size of the circles shows the relative weight of the topic; the filters can be used to further select the most relevant content for you. If you have an addition, question or remark, drop us a line at info@securitydelta.nl.
More vigilance is needed ahead of the 2024 European elections, increased cyber threats, ransomware remains the prime threat, new emerging techniques with AI
The list below summarises the main trends observed in the cyber threat landscape during the reporting period. Further details and analysis on the trends may be found throughout the various chapters that comprise the ENISA threat landscape of 2023.
• Ransomware and threats against availability ranked at the top during the reporting period.
• Resourceful threat actors have been observed to misuse legitimate tools, primarily to prolong their cyber espionage operations. Their aim was to evade detection for as long as possible and to obscure their activities by using software widely available on most systems, which makes it more challenging for defenders to identify them, and to maximise their chances of a successful intrusion by not arousing victims' suspicions.
• Geopolitics continue to have a strong impact on cyber operations.
• Several threat actors further professionalised their As-a-Service programmes. They not only used novel tactics and methods to infiltrate environments but also delved into alternative approaches to pressure and extort victims, all the while advancing their illicit enterprises.
• Using extortion-only techniques, criminal organisations have been progressively blending extortion methods that almost invariably incorporate some form of data theft. Double extortion has witnessed a notable rise, with certain groups even relying solely on the act of stealing information.
• Increased operations by law enforcement, such as the takedown of Hive ransomware group's IT infrastructure or Trickbot.
• Cl0p rose in the first half of 2023 with the weaponisation of two zero-days.
• One of the biggest malware threats is still information stealers such as Agent Tesla, Redline Stealer and FormBook.
• There is a steady decline in classic mobile malware. Adware remains the most prevalent threat to mobile devices by number of occurrences, while in terms of impact spyware can be seen as the most prevalent threat to mobile devices.
Use of AI in cyber attacks
Social engineering attacks grew significantly in 2023, with Artificial Intelligence (AI) and new types of techniques emerging, but phishing still remains the top attack vector.
Relevance date
Throughout the latter part of 2022 and the initial half of 2023, there was a notable escalation in cybersecurity attacks, setting new benchmarks in both the variety and number of incidents, as well as their consequences. The ongoing war of aggression against Ukraine remains a significant factor shaping the cybersecurity landscape. The phenomenon of hacktivism has seen steady expansion, marked by the emergence of numerous new groups. Concurrently, a rise of ransomware groups was observed, with the first half of 2023 witnessing an unprecedented surge in ransomware incidents, a trend that shows no signs of abating.
DDoS attacks + Ransomware
DDoS and ransomware rank the highest among the prime threats, with social engineering, data related threats, information manipulation, supply chain, and malware following.
Methodology
Additional focus was concentrated on the various kinds of impacts cyber threats have in critical sectors, including the sectors listed in the Network and Information Security Directive 2 (NISD 2). Interesting insights may be drawn from the particularities and insight of each sector when it comes to the threat landscape, as well as potential interdependencies and areas of significance. ENISA is following up by developing sectorial threat landscapes, diving deeper into the elements of each sector and providing targeted insight.
The ETL 2023 report follows the same customary approach, drawing from diverse open-source data and cyber threat intelligence sources. It pinpoints significant threats, discerns emerging trends and offers practical high-level strategies for mitigating risk. This year's ETL continues to use the officially endorsed ENISA Cyber Security Threat Landscape Methodology, which was released in 2022. The ENISA CTL Methodology serves as a foundational framework for the transparent and systematic creation of comprehensive cybersecurity threat landscapes, spanning horizontal, thematic, and sector-specific perspectives. This process is characterised by rigorous data collection and analysis procedures.