EU's ENISA Warns of Rising Cyber Threats to Europe's Digital Infrastructure
A new report from the EU's cybersecurity agency, ENISA, warns of a heightened threat level to Europe's digital infrastructure. The report highlights a surge in sophisticated cyberattacks, with ransomware and phishing leading the charge.
The report reveals that DDoS attacks dominate the scene, making up 77% of cases. However, it's 'hacktivists' who are primarily behind these attacks, despite ransomware causing more significant damage. From July 2024 to June 2025, ransomware campaigns and phishing were the most common threats, with phishing often serving as the entry point for 60% of attacks. Ransomware operators have evolved, adopting decentralized structures and 'ransomware-as-a-service' models. Phishing has also become industrialized, enabling less skilled attackers to launch complex campaigns. Exploiting vulnerabilities remains a significant vector, accounting for over 21% of attacks.
These attacks are not isolated incidents but part of continuous, overlapping campaigns. Techniques include aggressive ransom demands, botnet-driven malware distribution, and various fraud schemes. The main sponsors behind these attacks are criminal ransomware groups operating decentralized, service-based models. Many attackers operate via industrialized platforms, providing tools to less experienced criminals. While specific state actors are not detailed, the complexity and scale suggest organized cybercriminal networks are primary actors.
Public administration is the most frequently targeted sector, accounting for 38.2% of cases. Diplomatic and state institutions are particularly vulnerable. Ransomware is the threat with the most significant impact, causing recent disruptions at several European airports like Berlin Brandenburg and London Heathrow. Artificial intelligence is increasingly being used to strengthen attack strategies, with over 80% of globally observed social engineering activities now being AI-assisted.
The ENISA report underscores the urgent need for enhanced cybersecurity strategies across Europe. With cyberattacks becoming more sophisticated and widespread, particularly in the public administration sector, robust defensive strategies and international cooperation are crucial. The growing use of AI in attack strategies further emphasizes the importance of staying ahead of the curve in cybersecurity.
