ENISA Warns: AI-Driven Phishing Surge, State Actors Escalate Cyber-Espionage
The European Union Agency for Cybersecurity (ENISA) has published its 'ENISA Threat Landscape 2025' report, revealing a maturing cybersecurity landscape with over 4,900 verified events from July 2024 to June 2025. The report urges EU Member States and organizations to enhance collaboration and resilience.
Artificial Intelligence is now prevalent in phishing and social engineering, with AI-assisted phishing responsible for over 80% of global activity. Phishing remains the primary intrusion vector (60%), evolving into subscription-based models like Phishing-as-a-Service (PhaaS). Public administration is the most targeted sector (38%), followed by transport, with maritime and logistics infrastructure at risk.
State-sponsored and state-aligned actors have escalated long-term cyber-espionage campaigns, focusing on key EU sectors. Hacktivist operations account for almost 80% of recorded incidents, primarily low-impact DDoS campaigns driven by ideology or geopolitics. Ransomware continues to pose a significant threat, with groups adopting aggressive tactics and exploiting regulatory fears.
The report highlights the need for enhanced situational awareness and resilience. It recommends prioritizing cross-sector collaboration to combat the evolving threat landscape, characterized by rapid vulnerability exploitation, professionalized cybercrime, and converging operations. The rise of Ransomware-as-a-Service (RaaS) and public leaks of builder tools has lowered entry barriers, fostering a diverse criminal marketplace.
