AI-Driven Security Operations , Artificial Intelligence & Machine Learning , Fraud Management & Cybercrime

ENISA 2024: Ransomware and AI Are Posing New Cyberthreats

ENISA's Ifigeneia Lella Shares Highlights of 2024 Threat Landscape Report
Ifigeneia Lella, cybersecurity expert, ENISA

While the number of ransomware attacks stayed about the same over the past year, cybercriminals are using more effective tactics - such as weaponizing breach disclosure deadlines - to extract higher ransoms, according to a recent report from the European Union Agency.

See Also: Preparing for New Cybersecurity Reporting Requirements

In the EU, the deadline for breach reporting under GDPR is 72 hours. "Threat actors are using the regulations to put more pressure on the victims. This is quite an interesting trend," said Ifigeneia Lella, cybersecurity expert at ENISA.

ENISA's Threat Landscape 2024 report showed how ransomware groups and other cybercriminals are improving their results with AI-driven phishing campaigns, software supply chain attacks and malware that evades detection. The report also outlined how threat actors were merging geopolitical tensions and hacktivism to escalate attacks. The top three targeted sectors were public administration, transportation and finance.

The rise of generative AI tools is becoming a factor in an increasing number of social engineering attacks, she said.

"With AI, phishing emails are more precise, and deepfake technology makes attacks even harder to spot," Lella said.

In this video interview with Information Security Media Group, Lella also discussed:

  • How cybercriminals are changing tactics and relying on AI technology to scale up more advanced phishing and social engineering attacks;
  • The rise of living-off-the-land techniques used by attackers to evade detection;
  • The role of geopolitical tensions and hacktivism in escalating cyberthreats.

Lella joined ENISA in 2016 as a cybersecurity officer and led the Threat Landscape initiative since 2021. She previously managed identity management projects as a security engineer at the European Central Bank and was an information security officer in the Hellenic Telecommunications Organisation.


About the Author

Anna Delaney

Anna Delaney

Director, Productions, ISMG

An experienced broadcast journalist, Delaney conducts interviews with senior cybersecurity leaders around the world. Previously, she was editor-in-chief of the website for The European Information Security Summit, or TEISS. Earlier, she worked at Levant TV and Resonance FM and served as a researcher at the BBC and ITV in their documentary and factual TV departments.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.com, you agree to our use of cookies.