According to the Microsoft Digital Defense Report 2025 (Microsoft Digital Defense Report 2025), Spain is the fifth country in the world that has suffered the most cyber attacks between January and June of this year. Additionally, the report provides insight into how malicious actors, from cybercriminals to nation-state actors, are evolving their attacking activity more rapidly than ever.
During the first half of 2025, Microsoft data showed that Spain ranked 14th globally among countries whose customers were most affected by malicious cyber activity. In addition, in the first six months of 2025, it concentrated around 5.4% of clients affected by malicious cyber activity in Europe.
According to Amy Hogan-Burney, Corporate Vice President, Customer Security & Trust at Microsoft, extortion and ransomware are responsible for more than half of cyberattacks (52%), while attacks focused exclusively on espionage only account for 4%.
Additionally, critical public services continue to face increased cyber risk due to the services they provide, the data they hold, and tight cybersecurity budgets, often resulting in outdated software.
Another worrying fact is that online criminal operations by nation-states are expanding, driven by geopolitical objectives. Furthermore, we continue to see how these actors use criminal networks to carry out espionage activities.
As other studies have already shown, AI is transforming cybersecurity. Both for cybercriminals to expand their operations, and for security managers to automate threat detection, close gaps, detect phishing attempts and protect vulnerable users.
On the other hand, it is worth highlighting that, as the Microsoft report reveals, cybercriminals are not breaking into systems, but rather logging into them. So, More than 97% of identity attacks are attacks carried out through the introduction of a passwordbut 99% can be blocked using phishing-resistant multi-factor authentication.
