ENISA report warns of rising cyber threats across europe
ENISA’s 2025 Threat Landscape report warns that Europe faces growing cyber risks, with DDoS attacks making up 77 percent of incidents and ransomware identified as the most damaging threat. The report highlights phishing as the main entry point for attackers, the rising use of AI in cyberattacks, and increasing pressure on public administrations and other critical sectors.
The European Union Agency for Cybersecurity (ENISA) has released its 2025 Threat Landscape report, analysing nearly 4,900 cybersecurity incidents that took place between July 2024 and June 2025. The report highlights how attackers are reusing old methods, introducing new tactics, and are increasingly collaborating to undermine the security of Europe’s digital infrastructure.
According to ENISA, Distributed Denial of Service (DDoS) attacks were the most common type of incident, making up 77 percent of cases. These attacks, often carried out by hacktivist groups, typically overwhelm websites with traffic to make them temporarily unavailable. Although most were low impact, they accounted for nearly 80 percent of all recorded incidents. Ransomware, meanwhile, was identified as the most damaging threat overall, given its ability to disrupt organisations by encrypting critical systems and demanding payment.
The report also found that phishing—fraudulent messages designed to trick people into revealing personal information—remains the most common way attackers gain entry, responsible for 60 percent of cases. A growing industry of “Phishing-as-a-Service” makes these tools more widely available. Another worrying trend is the exploitation of digital dependencies, where attackers target points in the supply chain to magnify the scale of their impact.
ENISA pointed to the increasing overlap between different types of attackers. State-linked groups are adopting hacktivist-style techniques, while cybercriminals and hacktivists often use similar tools. The report refers to this convergence as ‘faketivism.’ At the same time, artificial intelligence (AI) is playing a larger role in cyberattacks. AI-supported phishing campaigns already account for more than 80 percent of social engineering incidents globally, while attacks on the AI supply chain are also rising.
Public administration emerged as the most targeted sector, making up over 38 percent of incidents. Transport, digital services, finance, and manufacturing followed. ENISA noted that most of the sectors attacked are those covered under the EU’s NIS2 Directive, which sets cybersecurity requirements for essential services.
Launching the report, ENISA Executive Director Juhan Lepassaar stressed that the interconnected nature of modern systems makes them more vulnerable to cascading failures. ‘A disruption on one end can have a ripple effect across the supply chain,’ he said, adding that the findings should help governments and organisations prioritise measures to protect Europe’s critical infrastructure.
