Skip to main content
Shaping Europe’s digital future
News article | Väljaanne

The 9th edition of the ENISA Threat Landscape Report

The ENISA Threat Landscape Report (ETL) maps the cyber threat landscape to help decision-makers, policy-makers and security specialists define strategies to defend citizens, organisations and cyberspace.
This work is part of the EU Agency for Cybersecurity’s annual work programme to provide strategic intelligence to its stakeholders.
The report’s content is gathered from open sources such as media articles, expert opinions, intelligence reports, incident analysis and security research reports; as well as through interviews with members of the ENISA Cyber Threat Landscapes Working Group (CTL working group).

Main Cybersecurity Threats


The ENISA Threat Landscape 2021 (ETL) report is the annual report of the EU Agency for Cybersecurity, ENISA, on the state of the cybersecurity threat landscape. The 9th edition released today covers a period of reporting starting from April 2020 up to July 2021.

Cybersecurity threats are on the riseRansomware ranks as a prime threat for the reporting period. For each of the identified threats, attack techniques, notable incidents and trends are identified alongside recommendations. The new report also features a list of trends concerning threat actors.

Supply-chains attacks rank highly among prime threats because of the significant potential they have in inducing catastrophic cascading effects. The risk is such that ENISA recently produced a dedicated threat landscape report for this specific category of threat.

The 9 top threats identified due to their prominent materialisation over the reporting period:

  1. Ransomware;
  2. Malware;
  3. Cryptojacking;
  4. E-mail related threats;
  5. Threats against data;
  6. Threats against availability and integrity;
  7. Disinformation – misinformation;
  8. Non-malicious threats;
  9. Supply-chain attacks.

Key trends

The COVID-19 crisis has created possibilities for adversaries who used the pandemic as a dominant lure in campaigns for email attacks for instance. Monetisation appears to be the main driver of such activities.

The techniques that threat actors are resorting to are numerous. The non-exhaustive list below presents some of the most prevalent ones identified in the report, across all threats:

  • Ransomware as a Service (RaaS)-type business models;
  • Multiple extortion ransomware schemes;
  • Business Email Compromise (BEC);
  • Phishing-as-a-service (PhaaS);
  • Disinformation-as-a-Service (DaaS) business model; etc.

For more etailed information, refer to the full report