Published in October 2025, the ENISA Threat Landscape 2025 report raises the alarm on the important growth of mobile attacks, now the main incident vector in Europe, accounting for 42% of all reported cyberattacks.
Whether it’s espionage, data theft, or compromised professional accounts, attacks targeting smartphones and tablets are growing in frequency, sophistication and impact, targeting both private companies and public institutions.
AI-driven phishing and ransomware: increasingly credible and frequent threats
Phishing remains the primary entry point for attackers, responsible for nearly 60% of reported incidents in Europe.
In 2025, it has scaled up dramatically: more than 80% of phishing campaigns now leverage artificial intelligence, generating messages and login pages that are indistinguishable from legitimate ones. Spread through SMS, emails, and mobile messaging apps, these attacks target collaborators to steal credentials and corporate access, often as a gateway to deploy malware or infiltrate internal networks.
Alongside phishing, ransomware remains the most operationally damaging threat. Nearly 69% of intrusions lead to data leaks or exfiltrations, and over 20% involve strategic or confidential information.
The consequences are severe: service interruptions, data loss, and costly recovery efforts. In Europe, several incidents have even resulted in postponed medical procedures and the temporary paralysis of critical infrastructure.
This escalation is fueled by the rise of the Ransomware-as-a-Service (RaaS) model, where developers sell or rent ready-to-use ransomware kits, lowering the technical barrier and accelerating the frequency of attacks.
Today, a single mobile compromise can open lateral access to an entire corporate network, leading to critical data breaches and major operational disruptions.
Public Sector: Prime Target of Mobile Cyberattacks
The public sector remains the most targeted in Europe, accounting for 38% of recorded incidents, an increase of nearly 10% compared to 2024.
Mobile attacks particularly affect essential entities and diplomatic and military institutions, where devices are used to access sensitive information or exchange confidential data.
Incident reports highlight a rise in mobile espionage campaigns aimed at collecting sensitive data, tracking collaborators movements, or intercepting communications between departments.
These attacks often exploit unpatched or personal devices used in BYOD (Bring Your Own Device) contexts, where the boundaries between professional and personal use are blurred.
They highlight a troubling reality: public sector mobile devices have become a strategic entry point for infiltrating institutional networks and accessing critical data.
A Sovereign and Proactive Protection
Protecting mobile devices is no longer limited to applying internal rules and monitoring their status. In a context where attacks are becoming automated, undetectable, and orchestrated by actors outside Europe, strengthening mobile defense is also a matter of digital sovereignty.
Pradeo Mobile Threat Defense (MTD) enhances these measures by:
- Detecting in real time suspicious behaviors linked to phishing, risky network connections, or exploitation attempts.
- Automatically blocking malicious applications or links before they can compromise devices.
- Providing full visibility into each device’s security status, even in hybrid or BYOD environments.
By combining continuous protection and regulatory compliance, Pradeo Mobile Threat Defense, a 100% European solution, enables organizations to neutralize threats before they cause harm, while reinforcing Europe’s digital strategic autonomy in an ever-evolving threat landscape.