While knowing what types of cyberattacks are being launched is crucial, it’s often just as important to know what types are increasing and what types are decreasing. An annual report published by the European Union Agency for Cybersecurity (ENISA) notes that of 15 types of cybersecurity threats identified five are trending upwards and another five are heading in the opposite direction. The other five remain steady year over year.
The threats that are increasing include phishing, identity theft, insider threats, information leakage, and ransomware. The five that are holding steady are spam, distributed denial of service (DDoS), botnets, cyberespionage, and cryptojacking.
The other five threats rounding up the top 15 identified by the agency are malware; web-based attacks; web application attacks; data breaches; and physical manipulation, damage, theft, and loss.
Overall, the top five threats as ranked by the agency are malware, web-based attacks, phishing, web application attacks, and spam.
Changing attack patterns
The report authors attribute much of the shift in the patterns of attacks to cybercriminals shifting tactics in the wake of the COVID-19 pandemic. For example, the number of fake online shopping websites and fraudulent online merchants reportedly has increased during the COVID-19 pandemic. The number of cyberbullying and sextortion incidents also increased during the COVID-19 pandemic, and malicious actors are using social media platforms to increase the efficiency of targeted attacks.
The report also notes finely targeted and persistent attacks on high-value data are being meticulously planned and executed most often by state-sponsored actors.
Ransomware attacks are also still widespread, and massively distributed attacks with a short duration and wide impact are being employed as part of efforts to steal credentials.
The report itself is based on an analysis of incidents, intelligence reports, and articles in the media, as well as interviews with members of the ENISA Threat Landscape stakeholders group who are experts in the field and members of the EU Cyber Threat Intelligence Community.
Overall, the report concludes cybercriminals have advanced their capabilities when it comes to credential-stealing methods, credential-stuffing, highly targeted phishing attacks, advanced social engineering attacks, advanced malware obfuscation techniques, and more extensive penetration of mobile platforms. The report also warns that if cybercriminals combine these techniques with advances in machine learning technologies and other forms of artificial intelligence (AI) there will be a significant increase in successful attacks and undetectable campaigns.
The report concludes that organizations will have to invest in automating cybersecurity technologies to keep pace as the overall size of the attack surface that needs to be defended continues to expand. That may not come as surprise to most cybersecurity professionals. The challenge, now more than ever, is convincing organizations to make the investments required to keep up with what has become nothing less than a cybersecurity arms race.
Whether that translates into an expansion of the cybersecurity budget or merely a shift in how cybersecurity budgets are allocated will vary by organization. Standing pat on existing cybersecurity investments or, worse yet, decreasing those investments is likely to result in a very negative outcome indeed.
Mike Vizard has covered IT for more than 25 years and has edited or contributed to a number of tech publications including InfoWorld, eWeek, CRN, Baseline, ComputerWorld, TMCNet, and Digital Review. He currently blogs for IT Business Edge and contributes to CIOinsight, The Channel Insider, Programmableweb, and Slashdot. Mike also blogs about emerging cloud technology for SmarterMSP.