Introduction
The report ENISA Threat Landscape 2025 provides a comprehensive analysis of the cyber threat landscape in the European Union between July 1, 2024, and June 30, 2025. Drawing on thousands of reported incidents across multiple countries, the document identifies emerging attack vectors, threat actors, attack techniques, and strategic recommendations to strengthen digital resilience in both public and private organizations.

Key Threats and Trends

Phishing and Social Engineering
Phishing remains the dominant initial intrusion vector. More sophisticated campaigns employ persuasive techniques, well-crafted messages, and the use of artificial intelligence to make fraudulent emails increasingly realistic.

Exploitation of Vulnerabilities
Attacks exploiting known vulnerabilities continue at a large scale, making it critical for organizations to maintain up-to-date patches and visibility into security flaws.

DDoS and Availability Attacks
Threats targeting system availability (DDoS) remain prominent, particularly in the context of geopolitical conflicts, impacting critical infrastructures.

Supply Chain Attacks and Abuse of Legitimate Services
Attacks targeting supply chains and the misuse of legitimate services continue to grow, representing significant risk to organizations relying on interconnected systems.

Convergence of Threat Actors and Advanced Technologies
The report highlights that hacktivist groups and nation-state actors are increasingly sharing techniques and tools. Artificial intelligence, while mostly used to optimize existing attacks, poses a growing risk as a vector for automated or manipulated attacks.

Relevance for Local Public Administration
The public sector, including municipalities and local entities, is frequently targeted due to the volume of sensitive data they manage. A successful incident can compromise not only individual data but also interdependent service chains. Key guidance from the report includes:

• Implement adaptive phishing and anomaly detection systems.

• Prioritize vulnerability management and timely updates.

• Use traffic filters and protections to mitigate abuse of legitimate infrastructures.

• Continuously train public employees in secure practices.

Strategic Recommendations

• Integrate security solutions with contextual intelligence (sender data, reputation, network behavior).

• Adopt hybrid approaches: endpoint protection + network security + real-time monitoring.

• Implement automated incident response strategies to reduce mitigation time.

• Promote a security culture through training, simulations, and ongoing awareness.

References and Further Reading

• ENISA Cybersecurity Threat Landscape Methodology 2025 (methodology)

• ENISA Threat Landscape Methodology 2025 (booklet)