Back

Belgium Faces Surge in Cyber Incidents Amid NIS2 Directive Implementation

Severity: Medium (Score: 58.0)

Sources: Industrialcyber.Co, Ccb.Belgium.Be

Summary

In 2025, Belgium experienced a notable increase in cyber incidents, with the Centre for Cybersecurity Belgium (CCB) reporting 635 total incidents, a 70% rise from the previous year. Of these, 556 were confirmed cyber incidents, reflecting a 58% year-on-year increase. The uptick in reporting is attributed to the NIS2 directive, which has enhanced awareness and compliance among organizations. Account compromise was the most prevalent threat, with 144 cases reported, while ransomware incidents remained stable at 105 but became more impactful. Phishing attacks surged, with nearly 10 million suspicious emails reported through the Safeonweb platform. The threat landscape also included state-linked activities, particularly from pro-Russian hacktivist groups targeting critical infrastructure. Despite the increase in incidents, the real-world impact of attacks was mitigated by the CCB's coordination efforts. The average time-to-exploit for vulnerabilities decreased significantly, highlighting the urgency for rapid response and patching. Overall, the data indicates a shift towards greater visibility of cyber threats rather than a proportional increase in attacks. Key Points: • Belgium reported 635 cyber incidents in 2025, a 70% increase from 2024. • Account compromise (144 cases) and ransomware (105 incidents) were the top threats. • Nearly 10 million phishing emails were reported, indicating a rise in phishing activity.

Key Entities

  • Data Breach (attack_type)
  • DDoS (attack_type)
  • Malware (attack_type)
  • Phishing (attack_type)
  • Ransomware (attack_type)
  • Belgium (country)
  • T1041 - Exfiltration Over C2 Channel (mitre_attack)
  • T1486 - Data Encrypted for Impact (mitre_attack)
  • T1499 - Endpoint Denial of Service (mitre_attack)
  • T1566 - Phishing (mitre_attack)
  • BePhish (platform)
  • Safeonweb (platform)
  • Akira (ransomware_group)
  • Clop (ransomware_group)
  • Lockbit (ransomware_group)
  • Qilin (ransomware_group)
  • ClickFix (malware)
  • FileFix (campaign)
Loading threat details...

Threat Not Found

The threat cluster you're looking for doesn't exist or has been removed.

Return to Feed