Cybersecurity: main and emerging threats

Find out about the top cyber threats in 2024, the most affected sectors and the impact of the war in Ukraine.

Online form which asks for personal information.

The digital transformation has inevitably led to new cybersecurity threats. During the coronavirus pandemic, companies had to adapt to remote working and this created more possibilities for cybercriminals. The illegal war in Ukraine and other conflicts have also affected cybersecurity, as did the rise of AI tools.

In response to the evolution of cybersecurity threats, the European Parliament adopted a new EU directive introducing harmonised measures across the EU, including on the protection of essential sectors.

Top cybersecurity threats in 2024 and beyond

The Threat Landscape 2024 Report  by the European Union Agency for Cybersecurity (Enisa) analysed the prime cyberthreats from July 2023 to June 2024 at both global and EU level. Seven main threats were identified, with the top three being threats against availability, followed by ransomware and threats against data.

The main motivations for cyberattacks were financial gain, espionage, destruction and ideological reasons.

1. Threats against availability (Denial of Service)


These common types of attack aim to prevent users from using data or services. One way to do that is to overload the network infrastructure and make a system unavailable.

Attacks of this type are getting larger, more complex and less expensive to perpetrate and are strongly connected to cyberwarfare. For example, they were employed by both sides during the conflicts between Russia and Ukraine or Israel and Palestine.

2. Ransomware 


Hackers use ransomware attacks to seize control of someone’s data and demand a ransom to restore access.
In 2024, ransomware attacks continued to be one of the main cyberthreats. These attacks target a broad spectrum of industries - the most frequently attacked sectors were industrial and manufacturing, followed by retail, and digital service providers.

Successful attacks can cause significant financial losses, operational disruptions, and reputational damage. The tactics used by cybercriminals are rapidly evolving and attacks are getting more complex.

3.Threats against data


We live in a data-driven economy, producing huge amounts of data that are extremely important for, among others, enterprises and Artificial Intelligence, which makes it a major target for cybercriminals. Threats against data can be mainly classified as data breaches (intentional attacks by a cybercriminal, like identity theft) and data leaks (unintentional releases of data).

AI chatbots are a powerful tool in the hands of cyber-attackers carrying out data-breaches, but are also targets of such attacks - attackers can input specific instructions into AI chatbots to obtain sensitive information and expose organisations to data leaks.

Infographic on the types of cybersecurity threats - denial of service and ransomware are the most commonly reported threats.

4. Social engineering threats

Tricking victims into opening malicious documents, files or emails, visiting websites and thus granting unauthorised access to systems or services. The most common attack of this sort is phishing (through email) or smishing (through mobile text messages).

To dodge corporate defences, perpetrators increasingly turn to social media and communication platforms to perform their attacks. Personal accounts, typically less secure than corporate ones, are especially vulnerable.

Quishing (using fraudulent QR codes) has seen a surge. Enisa also warns against vishing, when attackers impersonate a trusted entity (for example, a bank employee) via a phone call. Generative AI makes preparing attacks using social engineering much easier.

5. Malware


Malware includes viruses, worms, Trojan horses and spyware. This threat remains at a high level, as cybercriminals are always inventing new means of attack and bypassing security measures. There was a surge in malware targeting banking applications in 2023-2024. An especially popular form are information stealers - malware that pilfers sensitive data. Malware can be spread for example by e-mail or can even be embedded in online ads.

6. Information manipulation and interference


The increasing use of social media platforms and online media has led to a rise in campaigns spreading disinformation (purposefully falsified information) and misinformation (sharing wrong data).

For example, Russia has used this technique to target perceptions of the war in Ukraine. Manipulating information in response to specific news seems to have increased, probably because 2024 saw many major events, such as elections.

Deepfake technology means it is now possible to generate fake audio, video or images that are almost indistinguishable from real ones. Bots pretending to be real people can disrupt online communities by flooding them with fake comments.

7. Supply-chain attacks

This is a combination of two attacks - on the supplier and on the customer, and they target the relationship between the two. Organisations are becoming more vulnerable to such attacks, because of increasingly complex systems and a multitude of suppliers, which are harder to oversee.

Infographic showing the number of cybersecurity incidents by sector, with public administration and transport being the most affected sectors.

Top sectors affected by cybersecurity threats


Cybersecurity threats in the European Union are affecting vital sectors. According to Enisa, the top six sectors affected between July 2023 and June 2024 were:

  1. Public administration (19% of incidents reported)
  2. Transport (11%)
  3. Banking/finance (9%)
  4. Business services (8%)
  5. Digital infrastructure (8%)
  6. General public (8%)
  7. Manufacturing (6%)
  8. Media (5%)
  9. Health (4%)

The impact of the war in Ukraine on cyberthreats

Russia continued to use information manipulation as a key element of its war of aggression against Ukraine. Cyber operations are used alongside traditional military action.

According to Enisa, actors sponsored by the Russian state have carried out cyber operations against entities and organisations in Ukraine and in countries that support it.

Hacktivist (hacking for politically or socially motivated purposes) activity has also increased, with many conducting attacks to support their chosen side of the conflict.

Use of AI in cyberattacks
 

Enisa observes that cybercriminals use artificial intelligence to enhance their existing techniques of attack. For example, large language models make massive distribution of fake narratives, disseminated through social media posts, articles, photos or doctored videos, much easier. Deepfakes or other images or audio generated by AI have become almost indistinguishable from reality.

Cybercrime and cybersecurity

Related articles

Share this article on: