The 2025 ENISA Threat Landscape report paints a sobering picture of Europe’s digital security environment, warning that cyberattacks are becoming more sophisticated, persistent, and politically charged. Across 4,875 documented incidents between mid-2024 and mid-2025, Distributed Denial-of-Service (DDoS) campaigns accounted for roughly 77 % of all events—driven largely by hacktivist groups responding to ongoing geopolitical tensions. While many of these DDoS actions were short-lived, their sheer volume reflected how ideologically motivated groups are increasingly using cyberattacks as a form of protest or propaganda. At the same time, ransomware remained the most damaging and costly threat category, forcing critical sectors such as healthcare, transportation, and manufacturing to face prolonged downtime and data loss.

ENISA’s analysis also reveals that state-aligned and financially motivated groups are adopting similar tactics, often blurring traditional threat classifications. Roughly 60 % of initial compromises stemmed from phishing, while 21 % were tied to the exploitation of unpatched vulnerabilities. The report underscores the growing risk from AI-assisted attacks, the weaponization of supply chains, and the exposure of operational technology (OT) networks. Disinformation and psychological operations have also become integral to many campaigns, particularly those targeting elections or public institutions. ENISA concludes that effective defense will depend on greater collaboration between EU states, continuous threat intelligence sharing, and sustained investment in resilience—particularly for critical infrastructure operators and cross-border digital services.

‍

Source: https://industrialcyber.co/reports/enisa-2025-threat-landscape-report-highlights-eu-faces-escalating-hacktivist-attacks-and-state-aligned-cyber-threats/