EU ENISA Threat Landscape Report: Ransomware has become the biggest threat

The 9th edition of the ENISA Threat Landscape (ETL) report published by the European Union Cyber ​​Security Agency shows a continued surge in cybercriminal activity involving ransomware or cryptojacking. The report is research conducted between April 2020 and July 2021 to help governments and companies understand cybersecurity threats and develop technologies to address the problem.

specific contents

High-profile ransomware attacks in recent months include a May attack on the Colonial Pipeline that caused fuel outages in the eastern U.S., and a separate case involving Brazilian company JBS SA, the world’s largest meat packer. Cybersecurity threats continue to rise, with ransomware listed as the top threat during the reporting period, along with a trending list of threat actors.

Juhan Lepassaar, Executive Director of the European Union Cyber ​​Security Agency, said: “Given the importance of ransomware, having the right threat intelligence will help the entire cybersecurity community develop the technologies needed to best prevent such attacks. The approach is to strengthen the fight against cybercrime and ransomware in a more concrete way around the need highlighted by the European Council.”

Unsurprisingly, supply chain attacks rank high among the top threats because of their enormous potential to trigger catastrophic knock-on effects. The risk is so great that ENISA recently produced a dedicated threat landscape report for this particular category of threats.

The top nine threats are: ransomware, malware, cryptojacking, email-related threats, threats to data, threats to network availability and integrity, disinformation/misinformation, non-malicious threats, supply chain attacks .

The report highlighted the health sector as an important target, especially between May and July this year, as hackers searched for vaccine information.

Public administrations and governments, as well as digital service providers, also reported a high number of incidents. Hackers prefer to pay in cryptocurrencies. Other growing cyber threats mentioned in the report include cryptojacking, in which criminals use the computing power of victims to generate cryptocurrency, which reached an all-time high in the first quarter of this year, and misinformation and disinformation.

Three threats to watch


Ransomware is a malicious attack in which attackers encrypt an organization’s data and demand payment to restore access. Ransomware has been a major threat, and the importance and impact of the ransomware threat is reflected in a series of related policy initiatives in the European Union (EU) and around the world.


Cryptojacking, or hidden cryptocurrency mining, is a type of cybercrime in which criminals secretly exploit victims’ target computers to generate cryptocurrency. With the proliferation of cryptocurrencies and their acceptance by the wider public, there has been a corresponding increase in cybersecurity incidents. Cryptocurrencies remain the most common payment method for threat actors.

Misinformation and false information

This type of threat first appeared in the ENISA Threat Landscape Report.

in conclusion

Cyber ​​threat actors are entities designed to conduct malicious acts by exploiting existing vulnerabilities with the intent to harm victims. Understanding how threat actors think and act, what their motivations and goals are, is an important step toward a more robust cyber incident response. Monitoring the latest developments in tactics and techniques used by threat actors to achieve their goals is critical to effective defense in today’s cybersecurity ecosystem. Such threat assessments allow us to prioritize security controls and develop appropriate policies based on the potential impact and likelihood of threat realization.

The Links:   LM64C149 STPS12045TV