Cyber Threats

Insights into the evolving cybersecurity threat landscape allows us address challenges and enhance our future mitigation plans.

ENISA continuously enhances Europe's cybersecurity resilience by publishing comprehensive assessments of the cyber threat landscape. The Agency's flagship annual ENISA Threat Landscape (ETL) report combines strategic and technical elements, catering to both technical and non-technical audiences. It provides a broad view of cybersecurity status, mapping the most prevalent threats and trends, and discussing each threat, attack technique, notable incident, and trend along with proposed mitigation measures and strategies.

ETL is based on information from open sources, mainly of a strategic nature and ENISA’s own Cyber Threat Intelligence (CTI) capabilities. It covers more than one sector, technology and context. The report aims to be industry and vendor agnostic. It cites the work of various security researchers, security blogs and news media articles throughout the text in multiple footnotes to validate findings and statements. The time span of the ETL report is July to June of each annual year. 
Over time, the ETL has become a crucial tool for understanding the EU's cybersecurity state, offering insights that guide decisions and prioritise actions and recommendations.

According to the latest  ETL report, seven prime cybersecurity threats have been identified: threats against availability, ransomware, threats against data, malware, social engineering, information manipulation and interference, and supply chain attacks. Trends include zero-day exploits, complex DDoS attacks, expanding hacktivism around major events, AI-enabled disinformation and deepfakes, and ongoing regional conflicts shaping the cybersecurity landscape.
ENISA employs the CTL methodology to establish a baseline for transparent, systematic delivery of cybersecurity threat landscapes. This promotes transparency and consistency, supporting risk mitigation, situational awareness, and proactive responses to future challenges. Sectorial threat landscapes that focus on threats and trends across vertical sectors, as well as targeted analyses on technical threat landscapes are also regularly explored by ENISA to reinforce their cybersecurity posture while considering sector characteristics.

In line with the ENISA’s strategic objective, “Foresight on Emerging and Future Cybersecurity Opportunities and Challenges”, the Agency seeks to increase awareness of future threats and countermeasures amongst its Member States and European Union Institutions, Bodies and Agencies (EUIBAs) stakeholders. 
To achieve this goal, ENISA has developed its own cybersecurity foresight methodological framework created in collaboration with the Ad-Hoc Working Group and grounded in foresight research and future studies.
The 2024 edition of the Foresight 2030 report conclude in the following top ten list of emerging cybersecurity threats to have an impact by 2030:

  1. Supply Chain Compromise of Software Dependencies
  2. Skill Shortage
  3. Human Error and Exploited Legacy Systems Within Cyber-Physical Ecosystem
  4. Exploitation of Unpatched and Out-of-date Systems within the Overwhelmed Cross-sector Tech Ecosystem [New in Top Ten]
  5. Rise of Digital Surveillance Authoritarianism / Loss of Privacy
  6. Cross-border ICT Service Providers as a Single Point of Failure
  7. Advanced Disinformation / Influence Operations (IO) Campaign
  8. Rise of Advanced Hybrid Threats
  9. Abuse of AI
  10. Physical Impact of Natural/Environmental Disruptions on Critical Digital Infrastructure [New in Top Ten]

Since 2022, ENISA also organises the ‘ThreatHunt 2030’ conference, which is the first conference on cybersecurity foresight in Europe attracting hundreds of experts across the EU. For more information, please contact the ENISA foresight team.