For Enisa, the cyberfront is deteriorating

Attention, for Enisa, the European Union’s cybersecurity agency, things are getting worse on the cyber front. In its latest threat status report, the agency, led by Estonian Juhan Lepassaar, is concerned, amid the “game-changing” Russian invasion of Ukraine, of increased threats along a wider perimeter.

Ransomware tops the list of threats

Thus, in this dense 150-page document that analyzes the panorama from July 2021 to June 2022, Enisa notes that the Ukrainian crisis has redefined the contours of cyberwarfare and hacktivism, whether it be the involvement of private companies or the emergence of fuzzy groups. The agency, for example, expects to see more cyber operations motivated by geopolitics, with the risk of collateral damage.

While ransomware is still at the top of the top threat list, Enisa is seeing a significant increase in denial-of-service attacks. This type of computer attack is becoming “more sophisticated,” the agency notes, noting its use in the context of the Ukraine conflict and its evolution towards mobile networks and the Internet of Things. Easier to implement than ransomware, denial-of-service attacks can serve as the basis for a ransomware attempt, for example.

0 days

The agency also reports a growing use of 0-day, these undisclosed vulnerabilities, in cyberattacks. This could be a reflection of the professionalism of the attackers, or evidence that more mature security forces them to hit harder. Enisa notes that cybercriminals most often use the ProxyLogon, ProxyShell, PrintNightmare and Log4Shell vulnerabilities.

However, phishing has been the most common intrusion vector, notes Enisa. Like gaining remote access via Remote Desktop Protocol, this is an inexpensive method of attack for attackers. It evolves with options focused on specific people, or leans towards SMS or voice calls.

The agency, which notes that malicious hackers are actively purchased from black markets to gain unauthorized access to organizations’ networks, finally believes that cybercriminal groups should continue to actively exploit the opportunities presented by newly discovered vulnerabilities in 2022. They should also focus more on the Internet of Things, VPNs and cloud infrastructures.

Back to top button

Adblock Detected

Please consider supporting us by disabling your ad blocker.