Europe’s cybersecurity landscape has reached a critical juncture, according to the Security Navigator 2025, a new report by Orange Cyberdefense, the cybersecurity arm of Orange. Released today, the report highlights the increasing sophistication of politically motivated hacktivist groups and the evolving threats posed by cyber extortion.

The report reveals that 96% of attacks by a prominent pro-Russian hacktivist group have targeted Europe, with countries like Ukraine, Czech Republic, Spain, Poland, and Italy bearing the brunt. Europe also ranks as the second most impacted region globally by cyber extortion, with an 18% year-on-year increase in victims.

Hacktivism: The New Geopolitical Threat

Hacktivist groups are shifting their focus from infrastructure disruption to cognitive attacks, manipulating public opinion and destabilising societal trust. This strategy targets symbolic institutions, such as election systems, aiming to create fear and undermine confidence.

“Cyber threats have become a critical barometer for anticipating global geopolitical tensions,” said Hugues Foulon, CEO of Orange Cyberdefense. “The Security Navigator 2025 underscores an urgent need for coordinated defensive strategies across Europe and beyond.”

Since early 2022, this pro-Russian hacktivist group has executed over 6,600 attacks, highlighting the growing influence of politically motivated cyber campaigns.

Operational Technology (OT): The New Frontier

The report raises alarms over hacktivist activity targeting Operational Technology (OT) systems, vital for infrastructure like energy, healthcare, and transportation. Nearly 23% of sophisticated attacks on OT systems now come from hacktivists, posing unprecedented risks to critical industries.

Key findings include:

• 46% of OT attacks involve manipulation of physical processes, particularly in utilities.
• Hacktivists’ focus on OT marks a shift previously dominated by state actors.

Cyber Extortion Targets Small Businesses

Cyber extortion cases surged by 53% year-on-year, with small and medium businesses (SMBs) accounting for two-thirds of victims. The practice of ‘revictimisation’—reusing stolen data for multiple campaigns—has amplified the financial and psychological toll on SMBs.

“Particularly with adversarial AI and the rise of IoT and 5G connectivity, the attack surface is expanding faster than ever,” said Philip Lee, Head of Orange Cyberdefense, APAC.

SMBs’ vulnerabilities also pose cascading risks for larger organisations that depend on them as part of the supply chain, underscoring the importance of robust cybersecurity across all business tiers.

The Health Care and Social Assistance sector saw a 50% year-on-year increase in attacks, eroding what little moral restraint threat actors previously exhibited. Hospitals and other subsectors now face significant risks, alongside manufacturing (+25%), professional services (+20%), and wholesale trade (+65%).

The Role of AI in Cybersecurity

AI is increasingly central to the cybersecurity landscape, acting as both a weapon and shield. Threat actors leverage Generative AI (GenAI) for creating realistic phishing attacks and deepfakes, while defenders use AI to detect advanced threats like beaconing, improving incident response times by up to 30%.

“This year’s report shines a light on a growing cynicism in the threat landscape, with actors seemingly intent on inflicting harm more than ever,” said Charl van der Walt, Head of Security Research at Orange Cyberdefense.

Key Recommendations

The report calls for enhanced measures to combat these evolving threats:

• Stronger OT protections and incident response frameworks.
• Proactive public channel monitoring to counter cognitive attacks.
• Tailored, localised cybersecurity strategies in diverse regions like Asia-Pacific.

As Europe faces a rising tide of politically motivated cyber campaigns, coordinated action across industries and governments is more urgent than ever.