Phishing Dominates EU-Wide Intrusions, says ENISA
Phishing and vulnerability exploitation accounted for the vast majority of initial access in cyber-attacks against EU organizations over the past year, according to ENISA. Over the period, phishing accounted for 60% of observed intrusions, with vulnerability exploitation a distant second on 21%. Botnets (10%) and malicious applications (8%) round out the main culprits, with most (68%) intrusions leading to follow-up malware deployment.
Unsurprisingly, outdated mobile devices and operational technology (OT) systems were flagged by ENISA as “high-value targets” for these attacks. The agency also cited AI as helping threat actors to scale and refine campaigns, claiming that by early 2025, AI-powered phishing represented over 80% of social engineering activity worldwide.
However, it’s getting increasingly difficult to separate state-sponsored activity from hacktivism, due to a convergence in tactics, techniques and procedures (TTPs), and “faketivism” incidents where state groups pretend to be hacktivists, ENISA said.