Belgium remains among the top 10 targets for AI-driven ransomware and DDoS attacks
Cyberattacks continue to increase. Although not involved in any current conflicts, Belgium is increasingly under threat. And according to Inetum’s LiveSOC Threat Landscape 2025 report, everything points to 2026 being a difficult year…
154,601 security alerts and 29,886 security incidents managed worldwide. Incidents related to malicious code saw the biggest increase (+197%). Next in line were intrusions (+82%) and privacy breaches (+64%). Ransomware attacks also remained among the most disruptive methods, with 8,054 attacks detected in 2025, compared to 6,548 the previous year.
Geopolitical tensions and ongoing military conflicts increasingly shaped the cyber threat landscape in 2025, according to Inetum’s LiveSOC Threat Landscape 2025 analysis. Cyberattacks linked to physical conflicts continued to grow, pushing hybrid warfare activities to record levels. These operations combine cyber sabotage, espionage, and disinformation with traditional geopolitical pressure.
Brussels attracts more attention
“Armed conflicts now translate almost directly into cyber activity,” explains Peter Vandeput, Business Unit Lead Cybersecurity, Inetum Belgium. “We see this clearly in the war between Russia and Ukraine, in the tensions in the Middle East involving Israel, Iran, and the United States, and in the long-standing rivalry between India and Pakistan…”
In these contexts, cyber operations are used to destabilize systems, collect sensitive information, and influence public or institutional processes. “Targets are rarely chosen at random: hackers select countries, institutions, and sectors based on their geopolitical relevance,” continues Peter Vandeput. Brussels is attracting more attention because of its central role for European institutions, NATO, and international headquarters…”
Pressure on the threat landscape
Ransomware also continued its upward trajectory in 2025. The United States, the United Kingdom, and France remained the most targeted countries globally. Belgium ranked tenth, maintaining its position among the countries most exposed to this type of threat despite a slight decline (-3 places) in the ranking.
Distributed denial-of-service (DDoS) attacks also reached historic levels in 2025. Cloudflare reports that 20.5 million DDoS attacks were blocked in the first quarter alone, a 358% increase year-on-year. Inetum detected 15,000 DDoS attacks, with France, the United States, India, Spain, and Belgium among the most targeted countries. Government institutions were the most affected (1,821 attacks), followed by the transportation (299), financial services (291), technology (274), and education (254) sectors.
In addition, the number of publicly disclosed software vulnerabilities increased by 20% in 2025, from 32,240 in 2024 to 38,502, according to the US National Institute of Standards and Technology (NIST).
What the threat landscape indicates for 2026
In 2026, digital identity will be the main target for attackers, according to Inetum’s report. This is particularly true in Belgium, where digital ID cards will be introduced in November. Ransomware attacks are expected to remain one of the most lucrative forms of cybercrime, with attackers using double or triple extortion tactics against public and private organizations.
At the same time, “as-a-service” models continue to facilitate access to cybercrime, while DDoS attacks are expected to increase in volume and sophistication, driven by IoT botnets and illicit attack services.
State-sponsored APT groups are also expected to step up their operations against critical sectors, with cyber activity increasingly mirroring military and geopolitical developments.
Investing more
“AI now plays a central role in attack and defense strategies,” concludes Peter Vandeput. Hackers are already using it to automate phishing, refine their evasion techniques, and amplify influence operations…”
He calls on security teams to respond by implementing AI-based detection systems and automated responses, while accepting that the risk will never completely disappear.
“Located at the heart of Europe, Belgian organizations will need to increase their investments and accelerate implementation to fully control and protect their data from foreign actors.”
