Homepage News We recommend

National CERT Annual Report for 2025

February 5, 2026.

1,513 cyber incidents in 2025: a 35.9% increase in reports shows greater public awareness of cybersecurity.

The number of processed incidents refers exclusively to those for which the National CERT received a report or discovered them through its own activities. The most common types of incidents in the past year were phishing attacks (32%), unwanted messages (19%), other types of financially motivated fraud (18%), and attack infrastructure (12%).

„The increase in the number of reports indicates the effect of proactive action by the National CERT, as well as continuous projects and campaigns aimed at raising razine public awareness of the importance of cybersecurity and incident reporting. The National CERT collaborates with numerous institutions and organizations at the national, European, and international levels, including CERT-love from other countries and NATO institutions, with the aim of strengthening cybersecurity and achieving common strategic goals in this area,“ he said Miro Đuzel, Assistant Director of CARNET for the National CERT.

Phishing attacks remain the leading type of incident, consistent with trends from previous years. The most significant change was observed in the category „Other types of financially motivated fraud“, where is the number of incidents Grew from 12 to 277. These include incidents such as sextortion scams, fake online stores, „work from home“ scams, and investment scams. Such data confirms that attackers are increasingly turning to scam models aimed at financial gain.

Greatest increasei A number of incidents were recorded in May and September 2025.
The May surge is associated with an increase in phishing campaigns, with the most frequently reported being campaigns mimicking law firms with malicious attachments, phishing campaigns imitating the e-Permit system, and smishing campaigns aimed at taking control of users' WhatsApp accounts. For all the listed campaigns, the National CERT issued timely warnings.

The reason for the increased number of incidents in September was also due to phishing campaigns, and those that impersonated were particularly notable Health Insurance Fund and Ministry of Interior, as well as campaigns that misled citizens into believing they had made profits through trading cryptocurrencies, with attackers impersonating agents of trading platforms or financial institutions.

The total number of recorded bots by type of malicious content during 2025 amounts to 126,098., which represents a reduction of 33.37 % compared to 2024.

The National CERT continued its development PiXi platform, through which, from May 2025, it will be possible to fulfill legal obligations for reporting incidents by categorized entities in accordance with the Cybersecurity Act (Official Gazette 14/24), for five key sectors: banking, financial market infrastructure, digital infrastructure, research, and the education system.

Increased use of the service has also been recorded CERT iffy, system intended for checking online stores. During 2025, it was checked 37 191 URL.

In 2025, the National CERT achieved significant milestones in national and international cooperation, media visibility, professional development of employees, and strengthening readiness to respond to increasingly complex security challenges.

During 2025. years, through intensive networking and collaboration with the Ministry of the Interior, FER, the Croatian Banking Association, and other national and international stakeholders, the exchange of information, system resilience, and readiness have been further strengthened. answers to cyber threats. Ncompetitions, conferences, expert meetings, training by invitation of institutions, and participation in national and European initiativesEuropean Cyber Security Month, Safer Internet Day, international conference „Empowering the Human Element” organized in cooperation with European Union Agency for Cybersecurity ENISA, conference ConCERT) contributed to the systematic strengthening of capacities cyber communities. At the same time, campaigns and public activities were carried out aimed at raising razine citizens' awareness, development of cyberculture, and empowerment of youth and the general public for active and responsible participation in the digital environment.

All details about security threats and protection recommendations can be found in the National CERT Annual Report for 2025, available at www.cert.hr

Privacy Overview
CARNET

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Analytics

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.

Keeping this cookie enabled helps us to improve our website.