The agency’s 2020 Threat Landscape report surveys the landscape of the bloc’s cyber resilience in the unprecedented context of the coronavirus pandemic, which has had a profound impact on cybersecurity formalities.
The crisis, the report states, has presented new challenges to EU cybersecurity but at the same time has afforded various new models for future transformation in this field.
“While working from home, cybersecurity specialists had to adapt existing defences to a new infrastructure paradigm, attempting to minimise the exposure to a variety of novel attacks where the entry points are employees’ Internet-connected home and other smart devices,” the report states.
“At the same time and under high-pressure, they had to implement solutions based on previously less trusted components, such as remote access through the public Internet, cloud services, unsecured video streaming services, and mobile devices and apps.”
In this vein, businesses had to quickly adapt and bolster their cybersecurity protocols amid a mass wave of remote working obligations, which, the report notes, had the effect of exerting great pressure on the capacities of the industry to contend with the new threat landscape.
“Furthermore, numerous modus operandi quickly adapted to the changing work patterns, cybersecurity professionals found themselves acting at the limits of their capacities.”
Certain forms of malicious cyber activity that have increased amid the pandemic include a proliferation of fraudulent online merchants, as well as cyberbullying and so-called ‘sextortion’ practices, a form of online sexual extortion.
Facing the ever-increasing prospect of further lockdowns, such issues remain pertinent and, as the EU pursues a more ambitious agenda in terms of its future digital transformation, cybersecurity obligations will only become more relevant, the survey says.
The most common cyber threat for 2019-2020, ENISA note, remains malware, used by cybercriminals, which often comes in the form of cryptominers, viruses, ransomware, worms, and spyware, as part of malicious software programmes.
In the threat analysis, malware is followed by web-based attacks and phishing as the next most common forms of nefarious cyber activity.
Generally, Tuesday’s report also lifts a lid on increased activity likely to be conducted by state-sponsored actors. Such includes malicious disinformation campaigns, “designed to influence perceptions or manipulate opinions in favour of a certain political agenda,” as well as an increasing cyber arms race between global adversaries and forms of data theft such as obtaining industrial secrets through espionage.
Earlier this year, European Commission President Ursula von der Leyer suggested that China may have been behind a spate of cyberattacks against hospitals in Europe during the coronavirus outbreak, stressing that the EU will not “tolerate” such malicious activity.
Moreover, at the beginning of June, NATO released a statement condemning “destabilizing and malicious cyber activities directed against those whose work is critical to the response against the pandemic, including healthcare services, hospitals and research institutes.”
NATO comments came after an April statement from the Commission’s foreign affairs chief Josep Borrell, who said “malicious cyber activities” had been recorded across Europe’s healthcare sector, including phishing and malware distribution campaigns, scanning activities, and distributed denial-of-service (DDoS) attacks.
Authorities in the Czech Republic had registered attacks on critical national infrastructures in the country, including one particular hit on Brno hospital. The country’s National Cyber and Information Security Authority (NÚKIB) issued a cybersecurity warning at the time.
The attacks prompted the EU executive to deliver a new EU security strategy in July, in which bolstered standards for European critical infrastructure was planned.
[Edited by Zoran Radosavljevic]