Athens, 1 October 2025 (dpa/MIA) - Cyberattacks on Europe's digital infrastructure are increasing, with ransomware identified as the most disruptive threat, according to an EU report released Wednesday.

The latest report by the EU Agency for Cybersecurity ENISA said ransomware, a type of malware that effectively takes victims' computers or stored data hostage, is causing severe damage.

After infection, important files or even entire systems are typically encrypted or locked, making access impossible. The perpetrators then demand a ransom - usually in cryptocurrencies such as Bitcoin - and promise to lift the lock or encryption after payment.

A ransomware infection also caused recent computer disruptions at several European airports, including Berlin Brandenburg Airport and London Heathrow.

The damage caused by hacker attacks is often immense, as victims frequently fail to restore their systems from backups.

Attacks that flood servers on the rise

In terms of numbers, however, so-called Distributed Denial-of-Service or DDoS attacks top the ENISA report, accounting for 77% of reported incidents.

In these attacks, perpetrators overwhelm victims' servers with massive amounts of data requests, causing them to crash and stop functioning.

The damage from DDoS attacks is often less severe than ransomware attacks, as servers typically resume functioning after the temporary assault ends. Most DDoS attacks are carried out by "hacktivists," with cybercriminals playing a smaller role.

The analysis is based on 4,875 incidents between July 2024 and June 2025, ENISA stated in Athens. ENISA Director Juhan Lepassaar said, "The increasing reliance on digital systems means that disruptions can affect entire supply chains."

Public administration targeted by cyberattacks

The report reveals that public administration in the European Union is among the most frequently targeted sectors, accounting for 38.2% of incidents.

Diplomatic and government institutions are particularly in focus, often targeted by hacktivists and state-sponsored groups as part of cyberespionage campaigns.

The transport sector ranks second, with 7.5% of recorded incidents, followed by digital infrastructures and services at 4.8%,, the financial sector with4.5%, and industry at 2.9%.

Artificial intelligence amplifying attack strategies

ENISA expressed concern over the increased use of artificial intelligence in cyberattacks.

Over 80% of globally observed social engineering activities are now AI-driven, according to the report.

Social engineering includes tactics such as generating fake instructions from superiors using AI, so called "boss emails" to trick employees into transferring large sums of money to attackers.