1. According to the ENISA Threat Landscape report for 2023, what emerges as the primary threat within cyberspace? Why is this particular threat deemed particularly alarming? Furthermore, based on the insights provided in the document, what strategies are recommended to effectively mitigate this threat?

Answer: The European Union Agency for Cybersecurity (ENISA) released on Thursday its eleventh annual report on the cybersecurity threat landscape, providing crucial insights into the current state of cyber threats. It identifies the top threats and major trends observed concerning threats, threat actors, and attack techniques while focusing on impact and motivation analysis. It also describes relevant mitigation measures. This year’s work has again been supported by ENISA’s ad hoc Working Group on Cybersecurity Threat Landscapes (CTL).

“In the latter part of 2022 and the first half of 2023, the cybersecurity landscape witnessed a significant increase in both the variety and quantity of cyberattacks and their consequences,” the ENISA Threat Landscape 2023 report identified. “The ongoing war of aggression against Ukraine continued to influence the landscape. Hacktivism has expanded with the emergence of new groups, while ransomware incidents surged in the first half of 2023 and showed no signs of slowing down.”

The ENISA Threat Landscape report maps the cyber threat landscape to help decision-makers, policy-makers, and security specialists define strategies to defend citizens, organizations, and cyberspace. The work is part of ENISA’s annual work program to provide strategic intelligence to its stakeholders. Its content is gathered from open sources such as media articles, expert opinions, intelligence reports, incident analysis, and security research reports, as well as through interviews with members of the ENISA Cyber Threat Landscapes Working Group.
The prime threats identified and analyzed include ransomware, malware, social engineering, threats against data, threats against availability covering denial of service and Internet threats, information manipulation and interference, and supply chain attacks. During the reporting period, key findings include DDoS and ransomware ranking the highest among the prime threats, with social engineering, data-related threats, information manipulation, supply chain, and malware following. A noticeable rise was observed in threat actors professionalizing their as-a-service programs, employing novel tactics and alternative methods to infiltrate environments, pressure victims, and extort them, advancing their illicit enterprises.

The ENISA Threat Landscape Report 2023 identified public administration as the most targeted sector (~19 percent), followed by targeted individuals (~11 percent), health (~8 percent), digital infrastructure (~7 percent), manufacturing, finance, and transport. The report also disclosed that information manipulation, a key element of Russia’s war of aggression against Ukraine, has become prominent. State-nexus groups maintain a continued interest in dual-use tools (to remain undetected) and in trojanizing known software packages. Cybercriminals increasingly targeted cloud infrastructures, had geopolitical motivations in 2023, and increased their extortion operations, not only via ransomware but also by directly targeting users. Lastly, social engineering attacks grew significantly in 2023 with artificial intelligence (AI) and new techniques emerging, but phishing remains the top attack vector.

The ENISA Threat Landscape report also revealed that resourceful hackers have been observed to misuse legitimate tools primarily to prolong their cyber espionage operations.
They aimed to evade detection for as long as possible and to obscure their activities by using software that is widely available on most systems, making it more challenging for defenders to identify them and maximizing their chances of a successful intrusion by not arousing the victim’s suspicions. The report also disclosed that geopolitics continues to have a strong impact on cyber operations.

By using extortion-only techniques, criminal organizations have been progressively blending extortion methods that almost invariably incorporate some form of data theft. Double extortion has witnessed a notable rise, with certain groups even relying solely on the act of stealing information. The ENISA Threat Landscape report also identified increased operations by law enforcement, such as the takedown of the Hive ransomware group’s IT infrastructure or Trickbot. Cl0p rose in the first half of 2023 with the weaponization of two zero-days. One of the biggest malware threats is still information stealers such as Agent Tesla, RedLine Stealer, and FormBook.

The report also said that there is a steady decline in classic mobile malware: by number of occurrences, adware remains the most prevalent threat to mobile devices, while in terms of impact, spyware can be seen as the most prevalent threat to mobile devices.

“Hacktivists are increasingly claiming that they target OT environments but public reporting indicates they often overestimate or do not substantiate their claims,” according to ENISA. “Phishing is once again the most common vector for initial access. But a new model of social engineering is also emerging, an approach that consists of deceiving victims in the physical world.
Business e-mail compromise (BEC, VEC) remains one of the attacker’s favourite means for obtaining financial gain.” It added that the move away from Microsoft macros is continuing, with a shift towards the use of LNK and ISO/ZIP files as well as OneNote files in response to Microsoft’s macro changes.

The ENISA Threat Landscape report also found that data compromise increased in 2023. There was a rise in data compromises leading up to 2021, and although this trend remained relatively stable in 2022, it began to increase once more in 2023. “There has been a surge in AI chatbots impacting the cybersecurity threat landscape. The disruptive impact and the exponential adoption of generative artificial intelligence chatbots such as OpenAI ChatGPT, Microsoft Bing, and Google Bard are changing the way in which we work, live and play, all built around data sharing and analysis,” it added.

The threat landscape report also found that DDoS attacks are getting larger and more complex, are moving towards mobile networks and IoT, and are being used in support of additional means in the context of a conflict. Internet shutdowns are at an all-time high. Internet availability threats are keeping up their momentum, especially in the post-COVID era, due to the increasing reliance of human activities and society on Internet technologies.

Information manipulation is a key element of Russia’s war of aggression against Ukraine. Information manipulation has been an essential and well-established component of Russia’s security strategies, ENISA reported. The number of analyzed events for the reporting period has also grown significantly. Additionally, ‘cheap fakes’ and AI-enabled manipulation of information continue to be a cause for concern. In the past months, the debate on the use of AI to manipulate information has heated up both within and beyond the circle of industry professionals.
The ENISA Threat Landscape report also disclosed that threat groups have an increased interest in supply chain attacks and exhibit an increasing capability by using employees as entry points. Threat actors will continue to target employees with elevated privileges, such as developers or system administrators.

Throughout the reporting period, EU member states continued to be affected by the ongoing geopolitical crisis, with a growing number of threat actors directing their efforts against both public and private organizations. These kinds of events more often fall under the DDoS threat, with little to no impact in most of the cases reported through OSINT. Ransomware attacks have also increased in the EU.

ENISA observed approximately 2,580 incidents, with an additional 220 incidents specifically targeting two or more EU member states (labeled ‘EU’); the report shows a timeline of when the events were first reported through the OSINT channels. In addition, throughout this iteration of the ENISA Threat Landscape report it can be seen that ransomware and DDoS remain the two prime threats for the EU.

During the reporting period, ENISA reported that the prime threat was ransomware, and it appears to target the entire range of sectors. The most targeted sectors were manufacturing (14 percent of ransomware events), health (13 percent), public administration (11 percent) and services (9 percent). These are followed by DDoS attacks and data-related threats. Thirty-four percent of the DDoS attacks targeted public administration, followed by the transport (17 percent) and banking/finance sectors (9 percent). Data-related threats targeted all sectors, with the ones that hold personal information being more affected. These included public administration (16 percent) and health (10 percent).
One-fifth of the events involving malware affected the general public (targeted individuals, 20 percent), followed by malware infections in public administration (13 percent), digital infrastructure (13 percent), banking and finance (12 percent), and digital service providers (7 percent). All sectors were targeted by 11 percent of the reported malware infections. Out of the observed events related to social engineering, 30 percent were aimed at the general public, 18 percent at public administration, and 8 percent at all sectors. Likewise, information manipulation campaigns targeted individuals (47 percent), public administration (29 percent), followed by the defense (9 percent) and media/entertainment (8 percent) sectors.

As expected, threats against the availability of the Internet primarily affected digital infrastructure (28 percent) and digital service providers (10 percent). Public administration (15 percent), individuals (10 percent), and ‘all sectors’ (11 percent) were also affected, as they are dependent on digital infrastructure and services. Supply chain attacks affected public administration (21 percent) and involved primarily the digital service providers (16 percent), digital infrastructure (10 percent), and energy (9 percent) sectors. Likewise, the exploitation of vulnerabilities was associated with events targeting digital service providers (25 percent), digital infrastructures (23 percent), and public administration (15 percent), and they affected all sectors (8 percent) and targeted individuals (8 percent) to a greater degree.

2. Visit the website www.csk.gov.in and outline some of the recommended best practices for securing personal computers.

Answer:

Online Shopping Best Practices
- Always visit trusted websites to do your online shopping.
- Keep your device secured with antivirus and anti-malware solutions.
- Keep track of your digital payments.
- Check the security aspects of the website, such as whether the site is secured with https:// or a padlock on the browser address bar.
- Never respond to emails that ask about your personal information and account details.
- Change your passwords frequently.
- Always use a secured internet connection.
- Avoid using public Wi-Fi for doing financial transactions.
- Don't click on suspicious links offering discounts or prizes that seem too good to be true.
- Verify the genuineness of the brand and e-commerce website.
- Verify the genuineness before paying online through credit cards.
- Check whether you are paying for the right product.

E-mail Best Practices
- Always use e-mail filtering software to avoid spam so that only messages from authorized users are received.
- Avoid opening links/attachments from unknown sources as they may be malicious.
- Regularly scan your system with updated antivirus and anti-malware software.

Spam
- Avoid filling in forms that come via unsolicited email or clicking on links in emails received from untrusted sources.
- Emails or messages that create a sense of urgency are a warning!

Tips for E-mail Safety
- Enable Multi-Factor Authentication.

Browser Best Practices
- Always update your web browser with the latest patches.
- Disable pop-up windows in your browser.
- Delete browser cookies and cache regularly.
- Enable private browsing or incognito mode.
- Be careful with the websites/links you visit.
- Expand shortened URLs and verify them before clicking.
- Use privacy or security settings that are inbuilt into the browser.
- Disable the login and password remember option.
- Enable the "warn the user" option when websites try to install extensions or themes.
- Enable "SafeSearch" in search engines.

Social Media Best Practices
- Avoid sharing your personal information like address, mobile number, personal mail id and other sensitive identity-related information on social media.
- Do not share your personal pictures online publicly on social media accounts.
- Never accept friend requests without appropriate verification and confirmation.
- Never click on suspicious links or download any app received through messages until you verify the authenticity of the source.
- Use different passwords for different social media accounts and emails.
- Enable multi-factor authentication for social media accounts.
- Disable profile visibility from public searches.
- Log out after each session.
- Never share social media credentials with anyone.
- Keep the privacy settings of your social media profile at the most restricted level, especially for public viewing.
- Apply maximum caution while sharing photographs, videos, status, comments etc. Criminals may collect enough information about users from the posts and profiles of the users.

Mobile Phone Best Practices
- Use updated antivirus and anti-malware software.
- Use an updated operating system.
- Always download apps from the Play Store or App Store.
- Do not download apps from third-party websites or links received through messages or chats.
- Enable only necessary permissions for apps.
- Do not click on any suspicious link received from strangers.
- Do not share your OTP received for any application with anyone.
- Enable Multi-Factor Authentication whenever possible.
- Always keep your phone locked if not in use.
- Avoid USB charging in public places.

Aadhaar Best Practices
- Lock your biometrics through the m-Aadhaar app/UIDAI portal to prevent unauthorized access to your account details.
- Use Virtual ID (VID) or Masked Aadhaar to avoid disclosure of your Aadhaar number.
- Link your Aadhaar data to your mobile number to get alerts of any activity.
- Keep your digital Aadhaar copies secure.
- Do not share your Aadhaar details or OTP with strangers.
- Avoid saving your digital Aadhaar on public computers.
- Delete Aadhaar information/copies from public computers once your work is completed.

Desktop Best Practices
- Use genuine operating systems and software.
- Keep your operating system updated.
- Install anti-virus and anti-malware solutions.
- Keep your antivirus and anti-malware solutions updated.
- Use strong login passwords and change them periodically.
- Regularly take backups of your important files and data.
- In case of incidents such as hardware failure or cyberattacks, having backups can help you restore important information.
- Maintain multiple copies of critical data in different locations to prevent loss in case of disasters.
- Periodically test and verify your backups to ensure they can be used for restoration when needed.