--- title: "Cyber Threats Italy April 2025 | ACN Report" description: "ACN Operational Summary for April 2025: analysis of cyber threats targeting Italy, attack trends, and key incidents affecting Italian organizations." canonical: https://www.aegister.com/en/cms/insights/cyber-threats-italy-april-2025-summary/ url: /en/cms/insights/cyber-threats-italy-april-2025-summary/ lang: en --- ![](/static/images/header-contact.webp) # Cyber Threats in Italy – ACN Operational Summary, April 2025 --- ![Cyber Threats in Italy – ACN Operational Summary, April 2025](/static/images/cms/cyber-threats-italy-april-2025-summary.webp) ## Cyber Threats in Italy – ACN Operational Summary, April 2025 May 22, 2025 [ACN](/en/cms/keyword/acn/) [CSIRT](/en/cms/keyword/csirt/) [ransomware](/en/cms/keyword/ransomware/) [cyber threats](/en/cms/keyword/cyber-threats/) +4 The [April 2025 Operational Summary](https://www.acn.gov.it/portale/w/operational-summary-aprile-2025) from Italy's National Cybersecurity Agency (ACN) presents a clear picture of the evolving cyber threat landscape in Italy. Despite a drop in overall cyber events from the previous month, ransomware and DDoS attacks have surged significantly. With the [NIS2 compliance deadline](/en/cms/insights/nis2-obligations-italian-organizations-2025#compliance-deadline) approaching, organizations must be particularly vigilant against these threats. ## Key Figures – April 2025 - 163 cyber events recorded (-82 vs March) - 260 confirmed victims (-531) - 426 potentially compromised assets (-819) - 24 ransomware attacks (+30% month-over-month) - Sharp decrease (~90%) in DDoS attacks and 80% in defacement incidents - 67 alerts published on the [CSIRT Italia](https://www.acn.gov.it/portale/csirt-italia/) website - 4,299 new CVE vulnerabilities reported (+360 vs March) ## Most Affected Sectors - Central Public Administration - Telecommunications (notably via spear phishing attacks) - Transport and logistics infrastructure ## Key Technical Weaknesses - Improper email authentication system configurations (SPF, DKIM, DMARC) - Decline in hacktivist activity related to the Russia–Ukraine conflict The **CSIRT Italia** sent 3,733 direct communications in April alone to warn organizations of risks or ongoing threats. As cyber risks continue to evolve, timely intelligence remains critical to maintaining national digital resilience. Organizations subject to [NIS2 baseline security measures](/en/cms/insights/nis2-basic-measures-acn#baseline-measures) must implement robust protection against these threats. Our [NIS2 compliance guide](/en/cms/insights/aegister-nis-2-guide#implementation-guide) provides detailed recommendations for addressing these threats. Read the full summary: [Cyber Threats in Italy – ACN April 2025](https://www.acn.gov.it/portale/w/cyberminacce-in-italia-la-situazione-nell-operational-summary-di-aprile) ## Key highlights - Cyber Threats in Italy – ACN Operational Summary, April 2025 summarizes Aegister's event participation and key outcomes. - The publication date for this update is 2025-05-22. - The focus remains on international cybersecurity networking and service positioning. ## FAQ ### What event is covered in this recap? This article covers Aegister's participation in an international cybersecurity event highlighted in the post. ### Where could visitors meet Aegister during the event? Visitors could meet the team at stand SP64 during the event days. ### How can organizations follow up after the event? Organizations can continue the conversation through Aegister's official channels and published insights. ## Official sources - [Official reference 1](https://www.gisec.ae/) - [Official reference 2](https://www.dwtc.com/en/events) - [Official reference 3](https://www.dwtc.com/en/) - [Official reference 3](https://www.acn.gov.it/portale/w/operational-summary-aprile-2025) - [Official reference 3](https://www.acn.gov.it/portale/csirt-italia/) ## Operational implications after the event Cyber Threats in Italy – ACN Operational Summary, April 2025 should be used as an operational follow-up reference, not only as an event recap. Organizations evaluating similar initiatives should map discussed themes to internal priorities, decision owners, and next action windows so the event output becomes execution input. - Extract practical control themes and assign review owners in GRC and security teams. - Translate high-level takeaways into measurable implementation tasks and deadlines. - Document stakeholder decisions and preserve evidence of why priorities were selected. - Use recurring checkpoints to validate that post-event actions remain aligned with risk objectives. Publication reference date: 2025-05-22. Keep timeline communication consistent with absolute calendar dates. Share this post ## Related News [![Cyber Threats 2025: The Most Common Attacks and How to Defend Against Them](/static/images/cms/cyber-threats-2025-common-attacks.webp)](/en/cms/insights/cyber-threats-2025-common-attacks/) [Cyber Threats 2025: The Most Common Attacks and How to Defend Against Them](/en/cms/insights/cyber-threats-2025-common-attacks/) [An in-depth look at the most common cyber threats in 2025 from ransomware to supply chain attacks and how organizations can defend themselves using standards like the NIST CSF and ACN strategy.](/en/cms/insights/cyber-threats-2025-common-attacks/) [ACN](/en/cms/keyword/acn/) [cybersecurity](/en/cms/keyword/cybersecurity/) +6 [![Cybersecurity Monthly Report – January 2025 (Italy, EU, Global)](/static/images/cms/cyber-monthly-report-jan-2025.webp)](/en/cms/insights/cybersecurity-monthly-report-january-2025/) [Cybersecurity Monthly Report – January 2025 (Italy, EU, Global)](/en/cms/insights/cybersecurity-monthly-report-january-2025/) [Aegister's January 2025 monthly cybersecurity report: DORA goes live, NIS2 registration milestones, key vulnerabilities (VPN/edge), ransomware policy signals, and operational actions for boards and security teams.](/en/cms/insights/cybersecurity-monthly-report-january-2025/) [NIS2](/en/cms/keyword/nis2/) [ACN](/en/cms/keyword/acn/) +14 [![New NIS Subjects in 2026: Incident-Notification and Baseline-Measure Deadlines](/static/images/cms/nis-registrazione-2026-scadenza.webp)](/en/cms/insights/new-nis-subjects-2026-incident-notification-deadlines/) [New NIS Subjects in 2026: Incident-Notification and Baseline-Measure Deadlines](/en/cms/insights/new-nis-subjects-2026-incident-notification-deadlines/) [The ACN 2026 timing determination sets a distinct implementation path for entities first listed in the Italian NIS perimeter during 2026: significant-incident notification starts on 1 January 2027 and baseline security measures must be adopted by 31 July 2027.](/en/cms/insights/new-nis-subjects-2026-incident-notification-deadlines/) [ACN](/en/cms/keyword/acn/) [compliance](/en/cms/keyword/compliance/) +8