The ENISA Threat Landscape (ETL) report is the annual report of the European Union Agency for Cybersecurity, ENISA, on the state of the cybersecurity threat landscape. In October 2021, ENISA released the 9th edition of the report, which covers the reporting period from April 2020 to July 2021.

Download ENISA's Threat Landscape report - 2021

The report identifies prime threats and major trends observed with respect to threats, threat actors and attack techniques, and also describes relevant mitigation measures.

In the process of constantly improving our methodology for the development of threat landscapes, this year’s work has been supported by a newly formatted ENISA ad hoc Working Group on Cybersecurity Threat Landscapes (CTL).

The 9 top threats

During the reporting period (April 2020 to July 2021), the prime threats identified include:

  1. Ransomware;
  2. Malware;
  3. Cryptojacking;
  4. E-mail related threats;
  5. Threats against data;
  6. Threats against availability and integrity;
  7. Disinformation – misinformation;
  8. Non-malicious threats;
  9. Supply-chain attacks.

Top Trends

For each of the identified threats, attack techniques, notable incidents and trends are discussed along with proposed mitigation measures. As regards trends, during the reporting period we highlight the following:

  • Ransomware has been assessed as the prime threat for 2020-2021.
  • Governmental organisations have stepped up their game at both national and international level.
  • Cybercriminals are increasingly motivated by monetisation of their activities, e.g. ransomware. Cryptocurrency remains the most common pay-out method for threat actors.
  • The decline in malware that was observed in 2020 continues during 2021.
  • The volume of cryptojacking infections attained a record high in the first quarter of 2021, compared to recent years. The financial gain associated with cryptojacking incentivised threat actors to carry out these attacks.
  • COVID-19 is still the dominant lure in campaigns for e-mail attacks.
  • There was a surge in healthcare sector related data breaches.
  • Traditional DDoS (Distributed Denial of Service) campaigns in 2021 are more targeted, more persistent and increasingly multivector. The IoT (Internet of Things) in conjunction with mobile networks is resulting in a new wave of DDoS attacks.
  • In 2020 and 2021, we observe a spike in non-malicious incidents, as the COVID-19 pandemic became a multiplier for human errors and system misconfigurations, up to the point that most of the breaches in 2020 were caused by errors.
