Newsletters

This week, the European Union Agency for Cybersecurity (ENISA) published its Threat Landscape 2025 report, analysing cyber incidents between July 2024 and June 2025. The report highlights evolving cyber threats targeting the EU’s digital infrastructure, including transport, with a growing role for AI and state-aligned actors.

Distributed Denial of Service (DDoS) attacks accounted for 77% of all incidents, largely driven by hacktivist groups. Most of these attacks had limited impact, with only 2% resulting in actual service disruptions. Ransomware remained the most impactful threat, while phishing (60%) and vulnerability exploitation (21.3%) were the leading intrusion methods.

The report highlighted that the transport sector was the second most targeted, accounting for 7.5% of all incidents across sectors. Air transport (58.4%) and logistics (20.8%) were the most affected subsectors, with incidents often triggered by political developments, such as bilateral security agreements with Ukraine. Cybercrime incidents against the transport sector made up 8.4% of cases, with ransomware responsible for more than 80% of these. State-linked groups, mainly Russia- and China-nexus actors, also targeted air, maritime, and logistics entities in several Member States, often reflecting strategic geopolitical interests such as the Belt and Road Initiative or the war in Ukraine. ENISA warns that attacks on transport infrastructure can disrupt supply chains, with spillover effects on trade flows and economic resilience across the EU. Strengthening cybersecurity in aviation, maritime, and logistics networks is therefore highlighted as a key priority.

The report concludes that the evolving threat environment underscores the need for intelligence-driven, systemic defence strategies, as well as close cooperation between Member States, EU institutions, and private industry.

The report can be accessed here.

Source: ENISA