ANSSI's 2025 Cyber Threat Report Highlights Stable Incident Volume and Evolving Attack Trends

16 Jun 2026

cybersecurityANSSIFrancethreat_report2025cyber_incidentsransomwaredata_theftstate_sponsored_attackscybercrimesupply_chain_vulnerabilitiesAI_riskcyber_resilience_actsecurity_hygiene

The video features Vincent Strubel, Director General of France’s ANSSI (Agence Nationale de la Sécurité des Systèmes d’Information), discussing the agency’s annual Panorama de la Cybermenace for 2025. The report highlights a stable volume of cyber incidents—1,366 in 2025 compared to 1,361 in 2024—despite a perceived surge in data breaches, with ransomware attacks slightly declining while data theft becomes more prevalent. Key trends include blurred lines between state-sponsored, criminal, and activist attackers, shared attack infrastructures, and the rise of 'Initial Access Brokers' selling system access to both criminals and states. ANSSI emphasizes persistent structural weaknesses in security practices, such as poor patch management and legacy systems, and warns against over-reliance on AI without robust risk assessment. The report also underscores supply chain vulnerabilities, citing attacks on IT and non-IT subcontractors, and notes that ransomware remains a threat (128 incidents in 2025) despite law enforcement disruptions. Strubel advocates for prioritizing basic security hygiene over 'magic solutions' and stresses the need for regulatory frameworks like the EU’s Cyber Resilience Act to enforce accountability. The discussion concludes with a call to critically assess attacker narratives and rely on structured threat analyses.