The European Union Agency for Cybersecurity (ENISA) states that European Union member states are currently experiencing Cyber Attacks. The increasing situations that involve cyber risks that include denial of service attacks and breaches in data are being utilized from cyber raised weaknesses within the governments. Because of this, ENISA states that the defenders of the digital are in desperate need of improvement.
Denial of Service attacks have increased by over 30% within the last year alone
The ability of these attacks to shut down tax, medical, and other government services and portals makes them, unfortunately, common cyber-activist attacks. They are also funded by governments that engage in cyber terrorism. One of the primary reasons for these attacks is to frustrate citizens of the targeted government.
There is also a considerable increase in data breaches. By these breaches, sensitive data, including the identification and financial records of the citizens, is compromised. Such breaches build public mistrust and also create other problems that have a cascading effect on the country and other countries. More importantly, they pose a great risk to national security and the economy.
The cybercriminals that target that sectors deal with huge amounts of data and manage critical infrastructures and services. Therefore, cyber attackers are focusing on the public sector. Yet, administrators still deploy legacy systems. Outdated systems and nothing to show for incidents are the norm, ENISA states.
These problems get compounded due to the lack of budget, security policies, and training to the user
In the absence of relevant measures, there are systemic obstacles for the European Union that may impact the delivery of critical services and their fundamental elements.
European Union Agency for Cybersecurity report key findings:
- DDoS attacks: Accounted for 50% of all public administrations’ issues reported for 2025 alone.
- Data breaches are climbing: Phishing and unpatched exploitation have been linked to a 25% increase in concerning data breaches.
- Insider threats: A large and rising concern related to more remote working and the new attack surfaces it will create.
- Supply chain risks: A significant and compromised software update poses a third-party vendor risk.
- Continuous training: Equip civil servants with cybersecurity awareness to reduce human fallibility.
Improvements in synergy are needed from the agency with the EU’s NIS2 Directive
The report captures the increased demands in relation to the management and mitigation of risks in the most critical industries and companies.
ENISA Executive Director Juhan Lepassaar has made the call to action clear:
โPublic administrations are the pillars of democracies. Their exposure to the risks of cyberattacks is also the exposure of all citizens. Strengthening cybercrime resilience has to be a priority for all democracies.โ
The geopolitical instability, coupled with cyber-activist campaigns, will further target and attack governmental systems. An analyst states:
โPublic services have a threatening value. Disruption of a service will trigger radical system distrust and create chaos.โ
With no unified action taken, the report outlines the critical and growing threats the EU will continue to face. Essential services will be lost, and with them, sensitive information will be irrevocably compromised and exploited. ENISA intends to assist the Member States directly in the application of the recommendations made and track the developments with annual resilience assessments.
As Europeโs digital transformation is underway. The message is clear: Active innovation will also necessitate new security measures, especially within the Public Administration. Steps taken will not be merely reactive in nature, and will incorporate a new level of cyber activity in the planning and organization of the Public Administration. The cyber threat will be placed at the core of all decision-making, assuring full operational continuity of digital systems.
