News
Orange Cyberdefense, cybersecurity arm of Orange Group, has published its Security Navigator 2025 report, a strategic guide to understanding changes in the cyber threat landscape
Now in its sixth year of publication, this year’s report reveals a stark increase in politically motivated cyberattacks across Europe since the Russian invasion of Ukraine in 2022.
At a launch event this month in London, Char van der Walt, Head of Security Research at Orange Cyberdefence, and Sara Puigvert, EVP of Global Operations, discussed one of the report’s themes: the geopolitical hacktivist threat to Europe.
A hacktivist is defined as a hacker who engages in attacks on computer systems based on political motivations but is not state sponsored.
The report focuses on one (unnamed) pro-Russian hacktivist group, which has conducted over 6,600 attacks since 2022. A staggering 96% of these incidents were directed at European countries such as Ukraine, Czech Republic, Spain, Poland, and Italy.
These groups have shifted focus to “cognitive warfare,” aiming to manipulate public trust and perception rather than solely causing technical disruptions. Whilst not directed by the Russian government, the groups are often what van der Walt described as ‘government tolerated’, using the Russian state playbook of societal disruption to portray the West, NATO, an those supporting Ukraine as morally degenerate.
By attacking election systems and other symbolic institutions, these hackers seek to spread disharmony and discontent, undermining the fabric of trust that our societies are built on. A lot is unknown about such groups, but typically their activities are triggered by geopolitical events, such as European elections, protests, or the Russian Invasion of Ukraine.
Hacktivist activity is also extending to operational technology (OT) systems, which are critical for infrastructure in sectors like energy, manufacturing, and healthcare. Nearly 23% of OT-targeted attacks in 2024 were linked to hacktivists, and 46% of these incidents resulted in the manipulation of control processes. The utilities sector has been particularly affected, underscoring the vulnerabilities of essential infrastructure.
AI continues to play a key role in the ongoing transformation of the cybersecurity sector, being used both defensively and offensively. Threat actors are using GenAI to produce realistic phishing attacks and deepfakes, while cybersecurity teams are deploying AI-driven tools to detect advanced threats faster. However, vulnerabilities within GenAI systems pose additional risks, the report warns.
In addition to the report, Orange Cyberdefense has also released its Cybercrime Now tool, a free to use interactive platform to provide education on the criminal ecosystem of hacktivists. Find it here.
Also in the news:
TalkTalk to cut hundreds more jobs in effort to save £120m
Heavily delayed ADC submarine cable system finally goes live in East Asia
World Communication Awards shine a light on AI Excellence