Threats to cybersecurity continue to increase steadily again this year. In the first half of 2025, Inetum LiveSOC, Inetum’s Security Operations Center, processed 77.093 cyber security alerts, and 25.171 incidents. For ransomware alone, a total of 2.406 attacks have been reported, moving Belgium to the 8th spot (+1) in the top 10 country list. Inetum, a European leader in digital services, warns for increasing cyberthreats and offers insights on how to mitigate risks companies and individuals face.
Geopolitical reality complicates cybersecurity
In the past 6 months, geopolitical developments and ongoing military conflicts have also impacted cybersecurity. Any statement or sanction issued by an EU member can trigger digital retaliation against servers physically located in our country, making it a recurring target for pro-Russian activist groups. These groups have disrupted parliamentary and municipal organizations and media portals, as well as Febelfin, the Economy ministry, the Belgian Centre for Cybersecurity, NMBS/SNCB and the Port of Antwerp-Bruges. Tensions in the Middle East, India and Pakistan equally have ripple effects across the cybersecurity space globally.
Meanwhile other international malicious cyber actors remain ever present: financially motivated threats like Medusa, RansomHub and Lockbit derivatives, as well as state-sponsored ones like Lazarus, which is linked to the North Korean government. According to the Centre for Cybersecurity Belgium, reports of cyber incidents increased by 80%. An amount that is projected to grow further in the coming years.
Ransomware on the rise
When focusing specifically on ransomware, the number of ransomware attacks compared to the first half of 2024 has doubled in the 19 countries where Inetum LiveSOC is active. In H1 2024, Recorded Future noted down just over 1.000 ransomware cases, while H1 2025 already saw almost 2.500. Belgium is further solidifying its position in the top ten countries who suffer from ransomware attacks most frequently, climbing one position from 9th to 8th compared to last year. The top 10 is further completed by the US, the UK, France, Spain, Brazil, India, Mexico, Switzerland and Columbia.
Other top cybersecurity alerts involve malware, users who add themselves to groups (which triggers possible privilege escalation), the suspicion of a data breach (indicators of compromise), unregistered users who maliciously try to access systems (for instance by brute force attempts) and e-mails who get flagged down for malware of phishing.
Emilio Jiménez-Gomez, Threat Operations Manager of Inetum’s LiveSOC, further explains: “Next to ransomware and day to day threats, our LiveSOC teams see an increase in Advanced Persistent Threats (APT’s), where cybercriminals gain access to a system for a longer period of time to gather sensitive data, DDoS attacks and the exploitation of vulnerabilities. Many APT’s are linked to Russian and Chinese actors, and are aimed at sensitive sectors like government, healthcare and fintech. The potential impact on Belgian organisations is sizeable: services might get disrupted and sensitive data is potentially compromised.”
Popular methods and trends
The most popular cybercrime methods remain phishing, spearfishing, brute force attacks, the misuse of leaked passwords, and malware. Cybercriminals have also started using more advanced techniques such as AI to scale attacks and avoid detection.
For the coming 6 months, Inetum projects AI to grow into a key tool for threat actors, further automating the identification and exploitation of vulnerabilities, especially for RATs (Remote Access Trojans) and Stealers (information thieves). AI will allow them to become more effective and more easily evade detection. Next to that, DOS attacks are expected to persist in the current geopolitical field. An increase in the exploitation of zero-day vulnerabilities and persistence in ransomware attacks is also expected.
Peter Vandeput, Cybersecurity Lead at Inetum Belgium further warns users, whether personal or enterprise: “We should always remain vigilant for suspicious e-mails and attachments, use strong unique passwords – passkeys are even better – and avoid reusing them on multiple platforms. Next to that, we should frequently scan for vulnerabilities, update software diligently and apply security patches when they arrive. Lastly, we must use multifactor authentication. It’s crucial that companies keep their incident response plans up to date and test them thoroughly, making their leaders and employees aware of cyberthreats through recurring trainings and simulations.”
***
About Inetum
Inetum is a European leader in digital services. Inetum’s team of 27.000 consultants and specialists strive every day to make a digital impact for businesses, public sector entities and society. Inetum’s solutions aim at contributing to its clients’ performance and innovation as well as the common good. Present in 19 countries with a dense network of sites, Inetum partners with major software publishers to meet the challenges of digital transformation with proximity and flexibility. Driven by its ambition for growth and scale, Inetum generated sales of 2,4 billion euros in 2024. For further information, please visit www.inetum.com.
About Inetum LiveSOC
LiveSOC is a cutting-edge Security Operations Centre (SOC) that provides 24/7 monitoring, detection, and response to cyber threats. At the core of its services is a robust cyber threat intelligence capability, enabling proactive identification of malicious actors, emerging tactics, and global threat trends. By combining advanced analytics, threat hunting, and real-time intelligence feeds, LiveSOC empowers organisations to stay ahead of evolving cyber risks and make informed security decisions. LiveSOC supports clients across multiple regions worldwide, delivering tailored security insights and operational resilience at a global scale.
Contact
TEAM LEWIS
Press relations – Inetum in Belgium
Katrien de Raijmaeker
Communications Manager
0498 36 81 01
