The European Union Agency for Cybersecurity (ENISA) and the CERT of the EU institutions, bodies and agencies (CERT-EU) have jointly released an alert on sustained activity by particular threat actors. These malicious cyber activities ‘pose a significant and ongoing threat to the European Union’.
Key points from the alert include:
- Recent operations pursued by these actors focused mainly on information theft, primarily via establishing persistent footholds within the network infrastructure of organizations of strategic relevance.
- ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to apply the recommendations listed in the joint publication ‘Sustained Activity by specific Threat Actors’.
- By applying these recommendations in a consistent and systematic manner, ENISA and CERT-EU remain confident that organizations will reduce the risk of being compromised by these specific advanced persistent threats (APTs), as well as substantially improving overall cyber security posture and resilience.