Q1 2025 Global Cyber Attack Report from Check Point Software: Africa most targeted region in an almost 50% surge in cyber threats worldwide

    Cyber attack Surge: In Q1 2025, cyber attacks per organisation increased by 47%, reaching an average of 1,925 weekly attacks.

    Regional Attack Growth: Africa had the highest average with 3,286 weekly attacks. South Africa with a comparatively modest number of attacks at 1884 per organisation per week had the most dramatic rise in attacks with a YoY increase of 69%. Nigerian organisations experience an average of 4388 attacks per week (47% increase YoY), while Angolan organisations are attacked on average 4 727 (+32% rise YoY).  Kenyan organisations are attacked 4004 times per week on average (+14% YoY)

    Sectors Most Affected: Education saw the highest number of attacks, with 4,484 weekly, followed by government and telecommunications with 2,678 and 2,664 attacks, respectively.

    Ransomware Surge: Ransomware attacks rose by 126%, with North America accounting for 62% of global incidents, and consumer goods & services being the most targeted sector.

The first quarter of 2025 saw cyber attacks around the global up sharply, with businesses experiencing more frequent – and more sophisticated – attacks. The average number of cyber attacks per organisation reached 1,925 per week, marking a 47% rise compared to the same period in 2024.  As cyber criminals adapt and evolve their tactics, sectors such as education, government, and telecommunications found themselves most frequently in the cross hairs of these attacks.

The following are the most important attack trends Check Point Research has documented for the first three months of 2025.

Overall Global Cyber Attacks in Q1 2025

The average number of attacks per organisation per week increased to 1,925, a 47% rise from the same period in 2024. This spike highlights the growing challenge businesses face in maintaining robust cyber security postures amid a constantly evolving threat landscape.

Regional Overview of Cyber Attacks

When examining global regions, Africa saw the highest average number of cyber attacks per organisation, with 3,286 weekly attacks—reflecting a 39% year-over-year (YoY) increase. The APAC region also experienced a significant rise, with an average of 2,934 attacks, up by 38%. However, Latin America experienced the most extreme growth in cyber attacks, with a jaw-dropping 108% YoY increase, reaching 2,640 attacks per organisation per week.

Region	Avg Weekly Attacks per Org	YoY Change
Africa	3,286	+39%
APAC	2,934	+38%
Latin America	2,640	+108%
Europe	1,612	+57%
North America	1,357	+40%

The African countries mentioned in the research provide an insight into the dramatic nature of the increase in cyber attacks.

South Africa has a comparatively modest number of attacks at 1,884 per organisation per week.  However, this represents a YoY rise of 69%!  Nigerian organisations experience an average of 4,388 attacks per week (47% increase YoY), while Angolan organisations are attacked on average 4,727 week (+32% rise YoY).  Kenyan organisations are attacked 4004 times per week on average (+14% YoY).

Region	Avg Weekly Attacks per Org	YoY Change
Kenya	4,004	+14%
South Africa	1,884	+69%
Nigeria	4,388	+47%
Angola	4,727	+32%

Cyber Attacks by Industry

While no market sector is immune from cyber attack, the education sector was the hardest hit in Q1 2025, averaging 4,484 attacks per organisation each week—a staggering 73% increase from the previous year. The government sector followed closely, with 2,678 attacks per organisation per week, a 51% increase, while the telecommunications sector experienced the highest percentage increase, with a 94% jump, reaching 2,664 attacks per organisation weekly. The growing reliance on digital infrastructure in these industries, coupled with their public-facing nature, makes these critical infrastructure sectors prime targets for cyber criminals looking to exploit vulnerabilities.

A graph of data on a white background AI-generated content may be incorrect.

Ransomware Attacks Surge

Ransomware attacks continue to escalate, with a 126% increase compared to Q1 2024, totaling 2,289 reported incidents. North America accounted for the majority of ransomware attacks, representing 62% of all reported cases, followed by Europe at 21%.

A pie chart with different colored circles AI-generated content may be incorrect.

The consumer goods & services sector was the most targeted by ransomware, making up 13.2% of reported attacks globally. Business services and industrial manufacturing sectors followed closely, accounting for 9.8% and 9.1%, respectively. Ransomware groups, particularly those involved in double-extortion tactics, are expanding their reach and impact across industries worldwide.

To Combat Cyber Threats, Prevention-First Cyber Security Works

"The continued rise in cyber attacks underscores the need for more robust security measures. Organisations must prioritise strengthening their cyber security postures, including deploying advanced threat detection systems, training staff on cyber security best practices, and ensuring rapid incident response capabilities," says Lionel Dartnall, Country Manager SADC, Check Point Software Technologies.

The rise in ransomware attacks, particularly in high-profile sectors like consumer goods & services, business services, and industrial manufacturing, highlights the critical need for organisations to implement robust backup strategies, network segmentation, and secure access controls to mitigate the impact of such threats.

Organisations must take proactive steps to safeguard their data and systems. Here are strategies inspired by best practices from Check Point Software:

    Enhance Security Posture: Regularly update and patch systems to close vulnerabilities. Multi-layered security measures, including firewalls and endpoint protection, are essential.

    Employee Training and Awareness: Regular training sessions can educate employees about the latest cyber threats and phishing tactics, fostering a culture of vigilance.

    Advanced Threat Prevention: Utilise technologies such as sandboxing and anti-ransomware tools to detect and block sophisticated attacks.

    Adopt Zero Trust Architecture: Implement strict identity verification for every person and device attempting to access network resources. This is particularly important to maintain hybrid cloud security.

    Regular Backups and Incident Response Planning: Ensure regular backups of critical data and develop comprehensive response plans to quickly address and mitigate the impact of attacks.

    Network Segmentation: Isolate critical systems to limit the spread of attacks and protect sensitive information.

    Vulnerability Management: Conduct regular vulnerability assessments and penetration testing, prioritising remediation efforts based on potential impact.

In the wake of increased cyber attacks, security leaders must prioritise cyber security that allows for increased visibility and control, adopting customised strategies to stop attacks before they can impact their business – and their bottom line.

Cyber security remains an ongoing battle, and businesses must remain vigilant to safeguard their assets, reputations, and the trust of their customers," Dartnall concludes.

Keep an eye on new threats and the ever-changing threat landscape at Check Point Research.

* The statistics and data used in this report present data detected by Check Point ThreatCloud AI platform, which analyses big data telemetry and millions of Indicators of Compromise (IoCs) daily. Our threat intelligence database is sourced from 150,000 connected networks, millions of endpoint devices, Check Point Research (CP), and dozens of external feeds. Over 50 AI-powered engines provide weekly reports on attacks our solutions prevented, and organisational networks Check Point protected, broken down by country and sector

Follow Check Point via:  

LinkedIn: https://www.linkedin.com/company/check-point-software-technologies

X: https://www.twitter.com/checkpointsw

Facebook: https://www.facebook.com/checkpointsoftware

Blog: https://blog.checkpoint.com

YouTube: https://www.youtube.com/user/CPGlobal

About Check Point Research  

Check Point Research provides leading cyber threat intelligence to Check Point Software customers and the greater intelligence community. The research team collects and analyzes global cyber-attack data stored on ThreatCloud to keep hackers at bay, while ensuring all Check Point products are updated with the latest protections. The research team consists of over 100 analysts and researchers cooperating with other security vendors, law enforcement and various CERTs.

About Check Point Software Technologies Ltd. 
Check Point Software Technologies Ltd. (www.checkpoint.com) is a leading AI-powered, cloud-delivered cyber security platform provider protecting over 100,000 organizations worldwide. Check Point leverages the power of AI everywhere to enhance cyber security efficiency and accuracy through its Infinity Platform, with industry-leading catch rates enabling proactive threat anticipation and smarter, faster response times. The comprehensive platform includes cloud-delivered technologies consisting of Check Point Harmony to secure the workspace, Check Point CloudGuard to secure the cloud, Check Point Quantum to secure the network, and Check Point Infinity Core Services for collaborative security operations and services.

Legal Notice Regarding Forward-Looking Statements  

This press release contains forward-looking statements. Forward-looking statements generally relate to future events or our future financial or operating performance. Forward-looking statements in this press release include, but are not limited to, statements related to our expectations regarding future growth, the expansion of Check Point's industry leadership, the enhancement of shareholder value and the delivery of an industry-leading cyber security platform to customers worldwide. Our expectations and beliefs regarding these matters may not materialize, and actual results or events in the future are subject to risks and uncertainties that could cause actual results or events to differ materially from those projected. The forward-looking statements contained in this press release are also subject to other risks and uncertainties, including those more fully described in our filings with the Securities and Exchange Commission, including our Annual Report on Form 20-F filed with the Securities and Exchange Commission on April 2, 2024. The forward-looking statements in this press release are based on information available to Check Point as of the date hereof, and Check Point disclaims any obligation to update any forward-looking statements, except as required by law.