Friend
Professional
- Messages
- 2,653
- Reaction score
- 850
- Points
- 113
What other threats do EU users face and who is behind it?
The European Union is facing an unprecedented increase in cyberattacks, according to the latest report from the European Union's Cyber Security Agency (ENISA). Between July 2023 and June 2024, more than 11,000 incidents were recorded. Of these, 322 attacks were aimed simultaneously at two or more EU member states.
The most common type of attack was distributed denial of service (DDoS) - 41.1% of the total number of incidents. Next in the ranking are ransomware attacks (25.8%) and data breaches (19%). ENISA experts emphasize that the geopolitical situation continues to be a powerful catalyst for malicious activity in cyberspace.
While DDoS attacks are often seen as relatively harmless, they can significantly disrupt critical services and infrastructure. The attackers most often targeted organizations in the fields of public administration (19%), transport (11%) and finance (9%).
Ransomware also remains a serious threat, despite a slight decrease in its activity. The most active groups in this area were LockBit, Cl0p, and PLAY. It is interesting to note that the Cl0p group, which operated in 2023 through two different zero-day vulnerabilities, made little or no presence felt in the first half of 2024.
With LockBit, the situation is the opposite: despite Operation Kronos to eliminate the group, it continued to demonstrate "stable activity" throughout the reporting period. However, ENISA notes that the scale of its resurgence has been exaggerated in studies and publications by various organizations.
ENISA draws attention to the development of detection evasion techniques used by cybercriminals. Attackers are increasingly using the Living-off-the-land (LOTL) method, disguising their malicious activity as legitimate processes. In addition, there is a trend towards increasing the use of such methods in the cloud environment.
The trend towards the "reuse" of victims, when the same organization is attacked several times, deserves special mention. Cybercriminals can exploit previously identified vulnerabilities or use stolen credentials for subsequent attacks.
During the reporting period, 19,754 vulnerabilities were identified, of which 9.3% were classified as critical and 21.8% were classified as high severity. Of particular concern are the 123 vulnerabilities included in the CISA list of known exploitable bugs.
There has been a significant increase in data theft incidents. Compared to the previous period, their number increased by 78%. According to IBM, 82% of all breaches affected information stored in the cloud, with 39% of incidents covering multiple environments (e.g., cloud and on-premises systems).
The use of artificial intelligence to manipulate information is still limited, but experts expect the development of this direction. According to NewsGuard, more than 1,000 news and information sites have already been identified that are AI-powered and operate with little or no human intervention. Among other trends, there is a sharp increase in the number of mobile banking Trojans. Studies show a 200% increase in their number compared to 2023.
The agency calls for closer cooperation between EU Member States and the private sector to effectively counter cyber threats and protect critical infrastructure.
Source
The European Union is facing an unprecedented increase in cyberattacks, according to the latest report from the European Union's Cyber Security Agency (ENISA). Between July 2023 and June 2024, more than 11,000 incidents were recorded. Of these, 322 attacks were aimed simultaneously at two or more EU member states.
The most common type of attack was distributed denial of service (DDoS) - 41.1% of the total number of incidents. Next in the ranking are ransomware attacks (25.8%) and data breaches (19%). ENISA experts emphasize that the geopolitical situation continues to be a powerful catalyst for malicious activity in cyberspace.
While DDoS attacks are often seen as relatively harmless, they can significantly disrupt critical services and infrastructure. The attackers most often targeted organizations in the fields of public administration (19%), transport (11%) and finance (9%).
Ransomware also remains a serious threat, despite a slight decrease in its activity. The most active groups in this area were LockBit, Cl0p, and PLAY. It is interesting to note that the Cl0p group, which operated in 2023 through two different zero-day vulnerabilities, made little or no presence felt in the first half of 2024.
With LockBit, the situation is the opposite: despite Operation Kronos to eliminate the group, it continued to demonstrate "stable activity" throughout the reporting period. However, ENISA notes that the scale of its resurgence has been exaggerated in studies and publications by various organizations.
ENISA draws attention to the development of detection evasion techniques used by cybercriminals. Attackers are increasingly using the Living-off-the-land (LOTL) method, disguising their malicious activity as legitimate processes. In addition, there is a trend towards increasing the use of such methods in the cloud environment.
The trend towards the "reuse" of victims, when the same organization is attacked several times, deserves special mention. Cybercriminals can exploit previously identified vulnerabilities or use stolen credentials for subsequent attacks.
During the reporting period, 19,754 vulnerabilities were identified, of which 9.3% were classified as critical and 21.8% were classified as high severity. Of particular concern are the 123 vulnerabilities included in the CISA list of known exploitable bugs.
There has been a significant increase in data theft incidents. Compared to the previous period, their number increased by 78%. According to IBM, 82% of all breaches affected information stored in the cloud, with 39% of incidents covering multiple environments (e.g., cloud and on-premises systems).
The use of artificial intelligence to manipulate information is still limited, but experts expect the development of this direction. According to NewsGuard, more than 1,000 news and information sites have already been identified that are AI-powered and operate with little or no human intervention. Among other trends, there is a sharp increase in the number of mobile banking Trojans. Studies show a 200% increase in their number compared to 2023.
The agency calls for closer cooperation between EU Member States and the private sector to effectively counter cyber threats and protect critical infrastructure.
Source
