Summary: Overview of Cyberattacks 2024-2025

The 2024-2025 period marked a turning point in the cybersecurity landscape. The sustained increase in cyberattacks, along with greater technical sophistication, raised the risk level for public and private organizations worldwide. Accelerated digitalization, cloud dependency, and interconnection among vendors significantly expanded the attack surface.

Next, we analyze the data, incidents, and trends that shaped the cyberattack landscape during this period.

Spain: Increased Volume and Impact

During the first quarter of 2025, cyberattacks in Spain grew 66% compared to the previous year, placing the country among those with the highest incident volumes globally. Between January and March, 213 verified attacks were recorded, representing 4.5% of the global total, according to HackRisk.io.

Throughout 2025, the increase continued, with notable peaks such as August, when attacks rose 16%. Public administrations, the consumer goods and services sector, telecommunications, and manufacturing were the most affected, reflecting growing attacker interest in critical services with high operational impact.

Notable Incidents in 2025

The year was marked by a variety of incidents that highlighted the diversity of attack vectors used. Ransomware attacks, data leaks via third parties, and even denial-of-service campaigns affected both large companies and public institutions.

Cases such as DKV Seguros, Endesa, El Corte Inglés, Telefónica, and Mango highlighted the risks associated with personal data exposure, reliance on external vendors, and disruption of essential services. At the institutional level, DDoS attacks like the one experienced by the Spanish Royal House also reflected the geopolitical component present in many of these incidents.

Ransomware and Social Engineering as Key Points

During the second half of 2025, ransomware attacks in Spain increased by more than 116%. Criminal groups intensified the use of double and triple extortion, combining system encryption, data exfiltration, and additional threats such as DDoS attacks. During this period, it is estimated that more than 238 TB of information was stolen, affecting healthcare, technology, and industry in particular.

At the same time, phishing and social engineering continued to be the primary entry vectors. Reports such as Verizon’s DBIR 2025 confirmed that the human factor was involved in over 75% of security breaches, solidifying these techniques as the starting point for most serious incidents.

Economic Costs and Global Escalation

The economic impact of cyberattacks continued on a clear upward trend. Globally, the average cost of a data breach reached $4.51 million in 2024, according to IBM. In Spain, the average cost per cyberattack was around $2.4 million, and for a data leak, $3.9 million.

Beyond the direct impact, business activity disruption resulted in estimated losses of €4,000 to €7,500 per minute. These figures explain why cybercrime has become one of the largest illicit economies in the world, with forecasts projecting global losses of up to $10.5 trillion annually by the end of 2025.

A Landscape Requiring Continuous Attention

Although Spain managed to exit the TOP 10 most cyberattacked countries in the second half of 2025, the overall context showed that the threat remains active and constantly evolving. The use of artificial intelligence by attackers, the increase in advanced malware, and the exploitation of cloud infrastructures and supply chains further increased the complexity of the scenario.

The 2024-2025 period made it clear that cyberattacks are not isolated episodes but a structural risk affecting organizational continuity, reputation, and economic viability.

Want to Learn More?

At ESED, we have prepared a complete report on 2025 cyberattacks, with detailed analysis, figures, and defense strategies tailored for businesses. Access the full report here and prepare your organization against the most relevant threats.