- by David Goldstein -
Cyber threats to online businesses and internet users are on the rise, the ENISA Threat Landscape 2021 report finds, with the largest threat being ransomware, followed by malware. Throughout 2020 and 2021, as people regularly worked from home during the COVID pandemic and their online presence kept growing, the types of cyberattacks changed.
As the ENISA Threat Landscape (ETL) 2021 report says, “cybersecurity threats are on the rise. Spurred by an ever-growing online presence, the transitioning of traditional infrastructures to online and cloud-based solutions, advanced interconnectivity and the exploitation of new features of emerging technologies such as Artificial Intelligence (AI), the cybersecurity landscape has grown in terms of sophistication of attacks, their complexity and their impact. Notably, the threat to supply chains and their significance due to their potentially catastrophic cascading effects has reached the highest position among major threats, so much so that ENISA produced a dedicated threat landscape for this category of threat.”
For businesses, cybersecurity is paramount. “Cybersecurity must be seen as a strategic business issue that impacts decision-making”, said Nancy Luquette, EVP, Chief Risk and Compliance Officer at S&P Global in another report, the World Economic Forum’s Global Cybersecurity Outlook 2022 Insight Report. “To mitigate risks like ransomware and social engineering, organisations must ask not simply how they are protected, but how well – with an eye to strength, sophistication and efficacy.”
In their report, ENISA identified the following 8 prime threat groups that businesses need to be aware of:
Ransomware: a type of malicious attack where attackers encrypt an organisation’s data and demand payment to restore access. It has been the prime threat during the reporting period.
Malware: software or firmware intended to perform unauthorised processes that will have an adverse impact on the confidentiality, integrity, or availability of a system. Malware’s threat has consistently ranked high for many years, albeit at a decreasing rate during the ETL 2021 reporting period. The use of new attack techniques and some major wins for the law enforcement community have impacted the operations of relevant threat actors.
Cryptojacking: Cryptojacking or hidden cryptomining is a type of cybercrime where a criminal secretly uses a victim’s computing power to generate cryptocurrency. With the proliferation of cryptocurrencies and their ever-increasing uptake by the wider public, an increase in corresponding cybersecurity incidents has been observed.
Email-related threats: Email-related attacks are a bundle of threats that exploit weaknesses in the human psyche and in everyday habits, rather than technical vulnerabilities. Interestingly, and despite many awareness and education campaigns against these types of attacks, the threat persists to a notable degree. In particular, the compromise of business emails and advanced, sophisticated techniques for extracting monetary gains are on the rise.
Threats against data: These encompass data breaches and leaks, meaning the release of sensitive, confidential or protected data to an untrusted environment. Data breaches can occur as a result of a cyber-attack, an insider job, or unintentional loss or exposure of data. The threat continues to be high, since access to data is a prime target for attackers for numerous reasons such as extortion, ransom, defamation and misinformation.
Threats against availability and integrity: Availability and integrity are the target of a plethora of threats and attacks, among which the families of Denial of Service (DoS) and Web Attacks stand out. Strictly related to web-based attacks, DDoS is one of the most critical threats to IT systems, targeting their availability by exhausting resources, causing decreases in performance, loss of data, and service outages. The threat is consistently ranked high in the ENISA threat landscape, both because of its manifestation in actual incidents and its potential for high impact.
Disinformation – misinformation: Disinformation and misinformation campaigns are on the rise, spurred by the increased use of social media platforms and online media, as well as a result of the increase of people’s online presence due to the COVID-19 pandemic. Disinformation and misinformation campaigns are frequently used in hybrid attacks to reduce the overall perception of trust, a major proponent of cybersecurity.
Non-malicious threats: Threats are commonly considered to be voluntary, malicious activities carried out by adversaries that have some incentive to attack a specific target. This category instead covers threats where malicious intent is not apparent. These are mostly based on human errors and system misconfigurations, but they can also refer to physical disasters that affect IT infrastructures.
The ETL 2021 report also summarises the main trends observed in the cyber threat landscape during the reporting period. These are:
The current prime threat identified in the ETL 2021 report is ransomware. It causes businesses a lot of problems and costs, including “the amount of ransom, downtime, and the cost of people and actual operational and technical remediation.” ENISA notes that a survey across 30 countries found the overall cost of remediating a ransomware attack has vastly increased, from $761,106 in 2020 to $1.85 million in 2021.
Another report, from the World Economic Forum, found ransomware attacks rose 151% in 2021, with an average of 270 cyberattacks per organisation during 2021, a 31% increase on 2020. According to the WEF’s report, each successful cyber breach costs a company $3.6m. After a breach becomes public, the average share price of the hacked company underperforms the NASDAQ by -3 percent even six months after the event.
“During a ransomware attack, key infrastructure is often targeted to paralyse the organisation, causing the inability to provide proper service and run internal operations. The average downtime of organisations has increased over the last year”, increasing from 15 days in Q1 2020 to 23 days in Q2 2021.
Aside from the incident costs, repercussions on business opportunities and revenues have also been observed. “A survey of 1,263 respondents reported that 66% of their organisations suffered significant revenue losses due to ransomware attacks, where company size appears to have minimal impact on revenue loss. The results underline the fact that every industry vertical is vulnerable to a statistically significant chance of revenue loss following successful ransomware.”
Looking forward, ENISA believes “threat actors will very likely continue pursuing their strategic objectives by conducting cyber-enabled information operations for the next decade focusing on important geopolitical issues like elections, public health, humanitarian crises, human rights, and security.” They further believe “threat actors will very likely continue leveraging the latest technology (e.g. Artificial Intelligence, deep fakes, voice biometrics) to impersonate individuals as part of their information operations.” And finally, that “it is possible that there will be increased leveraging of Information-Operations-as-a-Service together with increased competition of these disinformation networks.”
It’s a view echoed by the World Economic Forum. As technologies evolve and new ones are developed, new threats emerge. “Frontier technologies like AI, robotics, quantum computing, the ever-evolving adoption of the internet of things (IoTs), cloud computing, blockchain and remote working/distance learning models represent the future of our digital world.”
“The potential cyber risks and vulnerabilities of these new technologies should be on the minds of every leader when considering technology adoption and implementation. Nearly half (48%) of the World Economic Forum’s Cyber Outlook survey respondents say that automation and machine learning will introduce the biggest transformation in cybersecurity in the short term future.”