Cyber Threats in Italy – ACN Operational Summary, April 2025

Article Thumbnail
ACN | ransomware | cyber threats | CSIRT | Italy cyber report | DDoS | vulnerabilities | spear phishing

Cyber Threats in Italy – ACN Operational Summary, April 2025

May 22, 2025

The April 2025 Operational Summary from Italy's National Cybersecurity Agency (ACN) presents a clear picture of the evolving cyber threat landscape in Italy. Despite a drop in overall cyber events from the previous month, ransomware and DDoS attacks have surged significantly. With the NIS2 compliance deadline approaching, organizations must be particularly vigilant against these threats.

Key Figures – April 2025

  • 163 cyber events recorded (-82 vs March)
  • 260 confirmed victims (-531)
  • 426 potentially compromised assets (-819)
  • 24 ransomware attacks (+30% month-over-month)
  • Sharp decrease (~90%) in DDoS attacks and 80% in defacement incidents
  • 67 alerts published on the CSIRT Italia website
  • 4,299 new CVE vulnerabilities reported (+360 vs March)

Most Affected Sectors

  • Central Public Administration
  • Telecommunications (notably via spear phishing attacks)
  • Transport and logistics infrastructure

Key Technical Weaknesses

  • Improper email authentication system configurations (SPF, DKIM, DMARC)
  • Decline in hacktivist activity related to the Russia–Ukraine conflict

The CSIRT Italia sent 3,733 direct communications in April alone to warn organizations of risks or ongoing threats. As cyber risks continue to evolve, timely intelligence remains critical to maintaining national digital resilience. Organizations subject to NIS2 baseline security measures must implement robust protection against these threats. Our NIS2 compliance guide provides detailed recommendations for addressing these threats.

Read the full summary: Cyber Threats in Italy – ACN April 2025

Share this post