{"id":3454,"date":"2025-11-07T14:12:20","date_gmt":"2025-11-07T14:12:20","guid":{"rendered":"https:\/\/ft365.org\/index.php\/2025\/11\/07\/hacktivist-driven-ddos-dominates-attacks-on-public-sector\/"},"modified":"2025-11-07T14:12:20","modified_gmt":"2025-11-07T14:12:20","slug":"hacktivist-driven-ddos-dominates-attacks-on-public-sector","status":"publish","type":"post","link":"http:\/\/ft365.org\/index.php\/2025\/11\/07\/hacktivist-driven-ddos-dominates-attacks-on-public-sector\/","title":{"rendered":"Hacktivist-Driven DDoS Dominates Attacks on Public Sector"},"content":{"rendered":"
\n

\"Photo<\/p>\n<\/div>\n

\n

Distributed denial of service (DDoS) attacks largely driven by hacktivist groups represented the majority of cybersecurity incidents in the public sector last year, although data threats were more disruptive, ENISA said today.<\/p>\n

The EU\u2019s security agency made the claims in a new study detailing 586 publicly reported cyber incidents in the \u201cpublic administration\u201d sector last year. It warned that public sector management of large volumes of sensitive data and delivery of critical services makes it a key target.<\/p>\n

Some 60% of cybersecurity incidents impacting the sector last year were DDoS, and 63% were attributed to hacktivist groups. Cybercriminals (16%) and state actors (2.5%) accounted for most of the remainder.<\/p>\n

However, it is the latter two groups that\u00a0had the greatest impact on public services, particularly through \u201cdata-related incidents\u201d which were the second most common threat type. ENISA said 17% of all incidents in 2024 were classed as data breaches\u00a0and targeted \u201csensitive platforms\u201d like employment services and law enforcement portals.<\/p>\n

Ransomware comprised 10% of incidents in 2024, with\u00a0RansomHub, Lockbit 3.0 and 8Base among the main variants.<\/p>\n

Read more on ENISA reports:\u00a0Phishing Dominates EU-Wide Intrusions, says ENISA<\/em><\/p>\n

DDoS attacks mainly targeted municipal websites and government ministry portals, the report added. Central government accounted for the vast majority (69%) of overall cybersecurity incidents.<\/p>\n

\u201cCyber-securing public administrations is central to citizens\u2019 welfare and to the good functioning of the single market across the EU,\u201d said ENISA Executive Director, Juhan Lepassaar.<\/p>\n

\u201cPublic administrations provide reliable and effective public services, so it is essential to ensure a high-level of cybersecurity within their wider network of national, regional and local bodies.\u201d<\/p>\n

However, the sector\u2019s resilience to cyber-threats is still not where it should be, having been newly added to NIS2. An ENISA report from March 2025 put it in the \u201crisk zone\u201d for compliance, warning that public administrations \u201clack the support and experience seen in more mature sectors.\u201d<\/p>\n

Advice For Public Sector Organizations<\/h2>\n

ENISA warned that the sector\u2019s \u201clow maturity\u201d and high value as a target would make more attacks highly likely in the mid- to long-term \u2013 especially hacktivist DDoS, state-backed cyber-espionage\u00a0and opportunistic ransomware and data breaches.<\/p>\n

ENISA advised public sector bodies struggling with NIS2 compliance and cyber-threats to consider:<\/p>\n