The annual report by the Postal Police depicts a country increasingly targeted by cybercriminals. But the real vulnerability is not the systems: it’s the human factor.
2025 ended with an alarming tally: over 9,200 cases of cyberattacks recorded by the Postal Police, nearly 50,000 alerts issued to prevent threats to national interest systems. The numbers in the annual report paint a scenario where digital crime evolves faster than defenses.
Investigative activities have yielded significant results: 51,560 cases handled, 293 arrests, 7,590 people reported.
Important numbers, but they should not be misleading. Behind the repressive effectiveness emerges a context where attacks are now transversal and indiscriminately affect critical infrastructures, businesses, and citizens.
Ivano Gabrielli, head of the Postal Police, highlights how 2025 showed increasing complexity: attacks on critical infrastructures, ransomware, fraud, and child exploitation. The speed at which incidents spread necessitates continuous monitoring, combining advanced technologies and investigative skills.
The international dimension also weighs in: the National Cybercrime Center for Critical Infrastructure Protection (Cnaipic) managed 47 requests for international cooperation, allowing the identification and referral of about 169 individuals. Cybercrime knows no borders and uses the dark web as its natural operational space.
The issue of minors is particularly sensitive. Data shows that the age group between 14 and 16 accounts for over half of the victims, with hundreds of cases of cyberbullying (361) and thousands (2,574) of proceedings related to child pornography and grooming. with (222) arrests. A figure that confirms how the digital dimension is no longer separable from the social and educational one.
The crucial role of prevention
In the face of this scenario, the response cannot be solely repressive. In 2025, the awareness activities of the Postal Police involved 4,309 schools, over 324,000 students, nearly 26,000 teachers, and over 17,000 parents. The online police station recorded 5.2 million visits and handled over 94,000 reports. Numbers that indicate a growing demand for support and guidance.
But there remains a vulnerability that no technology can solve: the human factor.
Experts reiterate: in most incidents, the entry point is not a technical flaw, but a behavior. A click on a phishing link, a reused password, an attachment opened without checks.
It is on these daily actions that ransomware campaigns are built, capable of compromising an entire corporate network starting from a single mistake. All it takes is for one person to fall into the trap of an apparently harmless email for the entire corporate network to be compromised. The damage can be devastating: encrypted data, million-dollar ransoms, operational disruptions, loss of reputation.
The damages are well-known: encrypted data, ransom demands, operational interruptions, loss of trust. And the problem affects everyone. SMEs, professionals, local authorities. Often, the smallest entities become prime targets because they are less structured. The paradox is evident: investment is made in firewalls and advanced solutions, but the most fragile element is still neglected, the people who use those systems every day.
Training as a strategic investment
For this reason, training can no longer be considered a formal requirement. It is a strategic investment. The most mature organizations have understood that cybersecurity is a shared responsibility, involving the entire structure, from the top to daily operations.
Effective training is not episodic, but continuous. It must be practical, contextual, adapted to roles. Cybercriminals constantly refine their techniques, and the ability to recognize a threat must evolve at the same pace. Phishing simulations, awareness programs, micro-learning, and e-learning platforms are increasingly widespread tools because they produce measurable results; the reduction of risk related to social engineering can reach up to 80% when preparation is structured and constant.
The challenge for companies and organizations is therefore twofold.
On one hand, updating technological defenses, on the other, investing in the growth of internal awareness. Transforming every employee from a potential entry point to a first line of defense. Building a culture of cybersecurity that is not confined to IT, but integrated into processes and decisions.
The data from the Postal Police clearly reminds us: the threat is real and constantly evolving.
But they also indicate the direction of the response. In an increasingly complex digital context, the most effective weapon is not just software. It is the ability of people to recognize the risk before it becomes an incident.
The challenge for companies and organizations must be twofold: updating technological defenses and investing in continuous training. Transforming every employee from a weak link into an active sentinel. Creating a culture of cybersecurity in every process.
The data from the Postal Police reminds us that the threat is real and evolving, but they also indicate the direction of the response. In an increasingly complex digital context, the most effective weapon is not just software. It is the ability of people to recognize the risk before it becomes an incident.
In cyber warfare, the most powerful weapon is not software: it is knowledge.
