Sustained activity by specific threat actors

By CERT-EU and ENISA , on

The European Union Agency for Cybersecurity (ENISA) and the CERT of all the EU institutions, bodies and agencies (CERT-EU) jointly published a report today, to alert on sustained activity by particular threat actors. The malicious cyber activities of the presented threat actors pose a significant and ongoing threat to the European Union. Recent operations pursued by these actors focused mainly on information theft, primarily via establishing persistent footholds within the network infrastructure of organisations of strategic relevance.

Decision makers and cybersecurity officers are the primary audiences of this joint publication.

ENISA and CERT-EU strongly encourage all public and private sector organisations in the EU to apply the recommendations listed in the current joint publication, available here: "Sustained activity by specific threat actors—Joint Publication JP-23-01".

By applying these recommendations in a consistent and systematic manner, ENISA and CERT-EU remain confident that organisations will reduce the risk of being compromised by the mentioned APTs, as well as substantially improve their cybersecurity posture and enhance the overall resilience against cyberattacks.


In 2021, the EU Agency for Cybersecurity and CERT-EU signed an agreement on a structured cooperation to work together on capacity building, operational cooperation and knowledge and information sharing. The provision for a structured cooperation was included in the Cybersecurity Act of 2019. ENISA and CERT-EU meet regularly to agree on joint activities to implement the Annual Cooperation Plans.

We got cookies

We only use cookies that are necessary for the technical functioning of our website. Find out more on here.