
Cyber threats to European banks: Key takeaways from ENISA’s latest report

Published on 04 March 2025

The European financial sector is under increasing pressure from cyber threats, with banks at the forefront of these attacks. The latest ENISA Threat Landscape for the Finance Sector (2023-2024) reveals that European credit institutions remain the most frequently targeted entities, accounting for 46% of reported cyber incidents.

Summary

    Key findings: Cyber threats faced by the finance sector

    • Rise in DDoS attacks – Distributed Denial-of-Service (DDoS) attacks have surged due to unfolding geopolitical events. Hacktivists targeted banks (58% of incidents) and government websites related to finance (21%), causing operational disruptions.
    • Data breaches and leaks – Data-related threats remain a serious concern, with cybercriminals exploiting vulnerabilities for financial gain through fraud, supply chain attacks, and social engineering. Credit institutions were the primary targets (39%), leading to financial losses, regulatory penalties, and reputational damage.
    • Social engineering and fraud – Phishing, smishing, and vishing continue to be prevalent attack methods. Individuals (38%) and banks (36%) were the most affected, leading to financial losses, large-scale financial crimes, and data exposure.
    • Fraud and crypto-related cybercrime – Fraud accounted for 6% of overall incidents, primarily affecting individuals (40%) and credit institutions (35%). Crypto-related cybercrime also increased, involving theft, scams, and illicit laundering.
    • Ransomware attacks – While less frequent compared to other sectors, ransomware incidents had a severe impact on service providers (29%) and insurance organisations (17%). Consequences included operational disruptions, data exposure, and financial losses.

    Strengthening cyber resilience: Next steps for banks

    To mitigate these threats, ENISA recommends that financial institutions adopt a multi-layered approach to cybersecurity:

    • Regulatory compliance – Strengthen adherence to DORA, the NIS2 Directive, and GDPR to ensure a robust legal framework.
    • Advanced threat detection – Deploy advanced technologies and AI-driven monitoring and response systems to detect and neutralise cyber threats in real time.
    • Employee training & awareness – Implement regular security training and phishing simulations to reduce the risk of human error.
    • Incident response & business continuity planning – Develop and regularly test response strategies to minimise downtime and financial impact.
    • Multi-factor authentication (MFA) – Enforce MFA across all critical banking systems to prevent unauthorised access.
    • Robust third-party risk management – Financial institutions must assess the cybersecurity posture of their vendors and partners throughout the financial ecosystem.
    • Collaboration & information sharing – Engage in industry-wide threat intelligence sharing to stay ahead of emerging attack trends.

    Need for action

    With cyber threats evolving rapidly, the ENISA report underscores the need for banks to accelerate the enhancement of their cybersecurity measures.

    The Luxembourg Bankers’ Association (ABBL) plays an important role in strengthening cybersecurity resilience within the Luxembourg banking sector. The ABBL runs several dedicated groups on cybersecurity, DORA, and phishing prevention, and actively collaborates with financial institutions, regulators, and cybersecurity experts to promote best practices, enhance regulatory compliance, and foster information sharing. By doing so, the ABBL supports banks in mitigating risks and reinforcing their cybersecurity posture.

    Andrey Martovoy


    Senior Adviser - Innovation & Digital, ABBL
