DDoS attacks surge in Europe, Spain becomes prime target
While DDoS attacks typically cause temporary service disruption without lasting damage, their scale and frequency raise serious concerns about national digital resilience and the political use of cyber tactics.
In March 2025, Europe witnessed a sharp rise in distributed denial-of-service (DDoS) attacks, with an 88% increase compared to the previous month, according to cybersecurity firm Group-IB. Spain experienced the most dramatic escalation, going from a single incident in February to 72 attacks in March, a staggering 7100% spike.
Hacktivist groups targeted high-profile Spanish institutions, including the Prime Minister’s Office and defence technology company Indra. Groups such as Mr.Hamza, TwoNet, and NoName057(16), the latter known for its pro-Russian alignment, claimed responsibility for politically motivated attacks, reportedly in retaliation for Spain’s military support for Ukraine.
France, Ukraine, and Belgium also faced intensified activity, with 30, 26, and 11 attacks, respectively. While DDoS attacks typically cause temporary service disruption without lasting damage, their scale and frequency raise serious concerns about national digital resilience and the political use of cyber tactics.
Why it matters for civil society
These attacks show how vulnerabilities exist in essential digital infrastructure. Civil society depends on open access to government information, digital services, and media platforms. Frequent service disruptions risk weakening democratic transparency, digital rights, and the reliability of public communication in times of crisis.
What civil society can do
Civil society groups have a vital role in promoting stronger digital protection standards and advocating for transparency in how cyber incidents are reported. They can urge governments to invest in secure, open digital infrastructure while ensuring that cybersecurity efforts respect fundamental rights and freedoms. Additionally, they can contribute by organising training initiatives and enhancing existing capacities to better prepare communities for digital threats.
Intersection with digital standards
The surge in attacks underscores the need for robust cybersecurity frameworks, incident response protocols, and international digital governance standards. It brings renewed urgency to harmonising protective measures across Europe while balancing security with openness.
