Discover the key insights from our new Cybersecurity Report H1 2025 – now available.

Cybersecurity Report H1 2025

Whitepapers & Co

Cybersecurity Report H1 2025

The Myra Cybersecurity Report H1 2025 provides IT decision-makers with practical insights to strengthen business resilience and proactively counter cyber threats. Discover how you can align your cybersecurity measures even more effectively with the latest analyses, trends, and recommendations.

✔ Current threat situation in Germany and the EU

✔ Cyber hotspots: finance, public sector, and KRITIS (critical infrastructure)

✔ Digital sovereignty: strategies for a change of course

✔ Offensive AI: an overview of strategies and technologies

Download without registration

Key Insights at a Glance

Cyber Threat Landscape

Hybrid Threat Situation

Critical Infrastructure & Public Sector

Financial Sector Under Attack

Cyber Threat Landscape
Compared to the same period last year, there were 18.5 percent fewer malicious requests in the first half of 2025. Nevertheless, there were significant peaks in February and June, which even exceeded the already high mitigation level of the previous year by more than 6 percent.
Highly regulated industries such as the financial industry, critical infrastructures, and the public sector are particularly affected: 40 percent of all attacks target banks and other financial service providers.
Hybrid Threat Situation
Hacktivist groups and state-sponsored actors use cyberattacks as a means of hybrid warfare to sow uncertainty and promote social division.
Germany is the target of hybrid attacks on a daily basis, which target not only IT systems but also the stability of public order.
Critical Infrastructure & Public Sector
The risk-prone threat situation for critical infrastructure (KRITIS) and public administration facilities has by no means eased in 2024 – quite the contrary.
The spread of hacktivism and the increasing activities of politically motivated and state-supported cyber actors pose additional challenges for these sectors in particular.
Financial Sector Under Attack
DDoS attacks are the weapon of choice for cybercriminals targeting banks and financial service providers: in Europe, 46 percent of all attacks on the financial sector use this attack vector.
The Myra SOC recorded the highest number of attacks in the financial sector in the past six months.

Dynamic Threat Landscape

The tense and dynamic cybersecurity situation will remain a key challenge in Germany in 2025. Although the attacks documented and repelled by Myra in the first half of the year were down 18.5% year-on-year, the technical sophistication, targeting, and intensity of the attacks are increasing significantly.

Highly regulated sectors are particularly affected: Around 40% of all attacks were directed at banks and financial service providers.
Attackers are also focusing on critical infrastructure and the public sector.
Attackers are deliberately using global cloud infrastructures to conceal attacks and further increase their impact.
The technology industry recorded the strongest attacks, with some attacks lasting up to two days.

Expert Insights: Strategies for Greater Digital Independence

In conversation with Prof. Dr. Louisa Specht-Riemenschneider, Federal Commissioner for Data Protection and Freedom of Information (BfDI), and Prof. Dr. Dennis-Kenji Kipker, cybersecurity expert and member of the Myra Advisory Board, we shed light on the complex interplay between digital sovereignty, data protection, and cyber resilience.

(Download the report now to read the entire chapter.)

Prof. Dr. Kipker, cyberattacks repeatedly demonstrate how vulnerable digital infrastructures in Germany still are. In your opinion, what are the biggest challenges in defending against cyberattacks, such as DDoS?

We must bear in mind that defending against DDoS attacks has long been more than just a technical issue – it's about supply chains, compliance, liability, and digital sovereignty. This is because defending against overload attacks – for example, through traffic analysis and filtering – requires service providers to look deep into data traffic and intervene. This entails not only technical risks, but also significant compliance risks. This is particularly true when personal or business-critical data is involved.

As a company, I have to ensure that the service providers I use are trustworthy and comply with all regulatory requirements in order to minimize liability risks and guarantee system availability. The basis for this is clean risk management, on the basis of which the service provider is thoroughly checked via due diligence.

Prof. Dr. Specht-Riemenschneider, in recent years, Germany's dependencies in areas such as health, energy, and IT have become increasingly apparent. How can these dependencies be reduced and Germany's sovereignty strengthened?

The dependencies are often known, but are addressed too late or not with the necessary consistency. A key reason for this is that economic efficiency and short-term cost savings have long been a priority, while strategic resilience and digital sovereignty only come to the fore in times of crisis.

Digital and technical sovereignty requires forward-looking digital and industrial policies that specifically strengthen European technologies and infrastructures. This means investing in key technologies such as cloud computing, AI, and semiconductors that embody European values. But it also means greater European cooperation to leverage economies of scale and strengthen our ability to act through pooled demand.

In addition, regulatory frameworks must be designed in such a way that they enable innovation that complies with fundamental rights without creating new dependencies. In short, we need less reaction and more strategic foresight.