ENISA Publishes 2025 Threat Landscape: Over 4,875 Incidents, Phishing & DDoS Lead the Way

On 1 October 2025, ENISA released its latest annual report, the Threat Landscape 2025, covering the period from 1 July 2024 through 30 June 2025.
The report analyses 4,875 cybersecurity incidents across EU Member States — a significant body of data that sheds light on evolving risk-drivers for businesses of all sizes.

What the findings show

  • DDoS attacks accounted for approximately 77% of all incidents — the dominant type of attack in the EU for this period.

  • Hacktivism was responsible for nearly 80% of incident volume — mostly low-impact DDoS campaigns rather than high-impact disruptions.

  • Ransomware was identified as the most impactful threat — while not the most frequent, its consequences were more severe when it struck.

  • Phishing was the leading vector for initial intrusion (≈ 60%), followed by vulnerability exploitation (≈ 21.3%).

  • The most-targeted sector: Public Administration (~38% of incidents), with other sectors including transport, digital infrastructure & services, and finance.

  • A noted trend: convergence between threat groups (hacktivist & state-aligned), and increasing abuse of cyber-dependencies in the supply chain.

Why this matters for your business / clients

For companies providing DPO services and data protection & compliance support (as your websites imply), these findings are crucial. They signal that:

  • Attackers are shifting from purely data theft to disruption, supply-chain abuse, and availability threats.

  • Despite “low-impact” categorisation, the ripple effect of attacks (especially in interconnected ecosystems) can be significant.

  • Resource-limited organisations (SMEs, public sector) remain exposed — particularly in sectors outside the “finance + energy” cluster.

  • Key controls such as employee training (for phishing), vulnerability management and incident response planning are no longer optional — they’re essential.

  • Services you offer (e.g., audit, risk assessment, outsourced DPO) can highlight readiness in light of these trends.

Actionable steps and considerations

  • Review and update incident response plans: ensure they cover DDoS, ransomware, supply-chain-enabled attacks.

  • Conduct phishing simulations, security awareness training — given phishing’s prevalence.

  • Map supply-chain & third-party dependencies: understand what you rely on, how it might be attacked.

  • Align risk assessments with current threat trends (not just past threats).

  • For clients in public administration / transport / digital infrastructure sectors, emphasise targeted controls and regulatory alignment.

Source

ENISA, “ENISA Threat Landscape 2025” — official publication. enisa.europa.eu