Switzerland ranked ninth in Europe and 22nd globally for frequency of cyberattacks in the first half of 2025, according to the sixth Microsoft’s Digital Defense Report released today. The country accounted for approximately 3.3% of all European organizations impacted by malicious cyber activity—meaning about three out of every 100 affected European organizations are Swiss.
Key findings:
- At least 52% of cyberattacks worldwide were driven by ransomware or extortion, while only 4% focused solely on espionage.
- Identity-based attacks surged 32% in the first half of 2025, with more than 97% being password attacks.
- In 80% of incidents investigated by Microsoft security teams last year, attackers sought to steal data for financial gain.
- Hospitals, schools, municipalities, and transit systems face real-world consequences including delayed emergency care and disrupted public services.
- Both attackers and defenders are leveraging AI: cybercriminals use it to automate phishing and create synthetic content, while defenders deploy AI-powered tools to detect and respond to threats faster.
- Nation-state actors from Russia, China, Iran, and North Korea continue to target sensitive sectors, increasingly blending with cybercriminal ecosystems.
The sixth annual Microsoft Digital Defense Report reveals in detail how cyber threats are evolving—and what organizations must do to stay ahead. Covering trends from July 2024 to June 2025, the report shows that cybercrime is accelerating in scale and sophistication, driven by financial motives and enabled by automation and AI.
“The latest data sends a clear signal: organizations must tighten identity controls, patch critical systems with urgency, and regularly validate their incident response plans,” said Marc Holitscher, National Technology Officer at Microsoft Switzerland. “Cyber resilience is no longer a choice — it’s a fundamental requirement for every organization, in every sector.
Microsoft processes more than 100 trillion security signals daily and screens 5 billion emails for malware/phishing, blocks approximately 4.5 million new malware attempts, analyzes 38 million identity risk detections, and continues to strengthen its security through its Secure Future Initiative, collaborate with public and private sectors to prevent cybercrime, and advocate for international rules that govern responsible internet use.
Organizations can take immediate action by implementing phishing-resistant multifactor authentication, which blocks over 99% of identity-based attacks, even when attackers have correct passwords.
Read the full Microsoft Digital Defense Report 2025:
Microsoft Digital Defense Report 2025 | Microsoft
Learn more about the Secure Future Initiative:
Secure Future Initiative – Secure by Design | Microsoft