This post is also available in:
עברית (Hebrew)
Europe has experienced a significant spike in cyber-disruptions this March, with Spain emerging as the most heavily targeted country in a dramatic escalation of distributed denial-of-service (DDoS) attacks, according to a new report from cybersecurity firm Group-IB.
Spain suffered a staggering 72 DDoS incidents in March—an explosive increase from just one attack the previous month—representing a 7,100% rise. These attacks disrupted access to key websites, including that of the Spanish Prime Minister’s Office and major technology and defense contractor Indra. The attacks are believed to have been politically motivated, with multiple hacktivist groups claiming responsibility.
Among the actors, the pro-Russian collective NoName057(16) has intensified its activity in Spain as part of its “OpSpain” campaign, which retaliates Spain’s military support for Ukraine. Meanwhile, a newer threat actor, Mr.Hamza Group, emerged in October 2024 and has also joined the digital offensive against the Spanish Government, alongside another Russia-aligned group, TwoNet, which claimed the attack on Indra.
France also saw a sharp rise, with 30 DDoS attacks logged—an increase of 131% from February. Ukraine and Belgium were likewise affected, reporting 26 and 11 incidents, respectively. Overall, the number of politically motivated cyber disruptions across Europe grew by 88% in March.
Though DDoS attacks are typically non-destructive and limited to temporary service outages, they continue to serve as effective tools for politically motivated digital protests and intimidation. These attacks often accompany broader geopolitical tensions, as illustrated by rising incidents in countries backing Ukraine.
While DDoS volumes surged, the report suggests that ransomware activity remained relatively stable, with 93 recorded cases across Europe—a slight 4% dip from the previous month.
The report also highlights a growing threat to corporate digital security. Nearly 116,000 compromised business accounts were detected across Europe, marking a 19% rise. Organizations in France, Italy, and Spain were most affected, underscoring the widening cyber risk landscape facing the region.
