de flag go to the original language article
This article has been translated by Artificial Intelligence (AI). The news agency is not responsible for the content of the translated article. The original was published by dpa.

Cyber threat situation in the EU is worsening

by AI | 02.Oct 2025 | Europe in brief AI

Ransomware and DDoS attacks are among the most common cyber threats in the EU.

On a smartphone, a fraudulent SMS can be read in which criminals announce a package and allegedly demand customs fees that are due. Photo: Wolf von Dewitz/dpa-Zentralbild/dpa

Athens (dpa) – The threat level for Europe’s digital infrastructure has further intensified. This is evident from the new report by the EU Agency for Cybersecurity ENISA. The report identifies ransomware as the threat with the greatest impact in the EU.

High damages from ransomware

Ransomware is a specific type of malware that effectively takes the victim’s computer or the data stored on it hostage. This means that after an infection, important files or even the entire system are usually encrypted or locked in such a way that access is no longer possible. The perpetrators then demand a ransom from the owner – usually in cryptocurrencies like Bitcoin – and promise to lift the lock or decryption upon payment.

The damages from hacker attacks in these cases are often enormous because the victims are unable to restore their systems from backups.

Numerous DDoS attacks

However, in terms of numbers, so-called DDoS attacks top the ENISA report. They account for 77 percent of the reported incidents. In these attacks, the perpetrators overwhelm the victims’ computers with such large amounts of data requests that the servers buckle and cease to function. Often, the damages from denial-of-service attacks are not as high as those from ransomware attacks, because after the temporary attack, the servers are back up and running. Most of the DDoS attacks come from “hacktivists,” while cybercriminals played a smaller role.

The analysis is based on 4,875 incidents between July 2024 and June 2025, as reported by ENISA in Athens. ENISA Director Juhan Lepassaar stated: “The increasing dependence on digital systems means that disruptions can affect entire supply chains.”

Public administration targeted by cyberattacks

The report indicates that public administration in the EU, with a share of 38.2 percent, is among the most frequently targeted areas. In particular, diplomatic and governmental institutions are in focus, becoming targets of hacktivists as well as state-sponsored groups in the context of cyber espionage campaigns.

In second place is the transportation sector, with 7.5 percent of the registered incidents. Following that are digital infrastructures and services (4.8 percent), the financial sector (4.5 percent), and industry (2.9 percent).

Artificial intelligence enhances attack strategies

Concerningly, according to ENISA, the increased use of artificial intelligence is noted. Over 80 percent of globally observed social engineering activities are now AI-supported, according to the report from the EU Agency for Cybersecurity, which is based in Athens. In social engineering, for example, fake instructions from superiors are generated using AI (“boss emails”), which entice employees to transfer large sums to the attackers. (October 1)