By 
Q1 2025 Global Cyber Attack Report from Check Point Software: Africa most targeted region in an almost 50% surge in cyber threats worldwide.
- Cyber attack Surge: In Q1 2025, cyber attacks per organisation increased by 47%, reaching an average of 1,925 weekly attacks.
- Regional Attack Growth: Africa had the highest average with 3,286 weekly attacks. South Africa with a comparatively modest number of attacks at 1884 per organisation per week had the most dramatic rise in attacks with a YoY increase of 69%. Nigerian organisations experience an average of 4388 attacks per week (47% increase YoY), while Angolan organisations are attacked on average 4 727 (+32% rise YoY). Kenyan organisations are attacked 4004 times per week on average (+14% YoY)
- Sectors Most Affected: Education saw the highest number of attacks, with 4,484 weekly, followed by government and telecommunications with 2,678 and 2,664 attacks, respectively.
- Ransomware Surge: Ransomware attacks rose by 126%, with North America accounting for 62% of global incidents, and consumer goods & services being the most targeted sector.
The first quarter of 2025 saw cyber attacks around the global up sharply, with businesses experiencing more frequent – and more sophisticated – attacks. The average number of cyber attacks per organisation reached 1,925 per week, marking a 47% rise compared to the same period in 2024. As cyber criminals adapt and evolve their tactics, sectors such as education, government, and telecommunications found themselves most frequently in the cross hairs of these attacks.
RELATED: Highest increase of global cyber attacks in two years
The following are the most important attack trends Check Point Research has documented for the first three months of 2025.
Overall Global Cyber Attacks in Q1 2025
The average number of attacks per organisation per week increased to 1,925, a 47% rise from the same period in 2024. This spike highlights the growing challenge businesses face in maintaining robust cyber security postures amid a constantly evolving threat landscape.
Regional Overview of Cyber Attacks
When examining global regions, Africa saw the highest average number of cyber attacks per organisation, with 3,286 weekly attacks—reflecting a 39% year-over-year (YoY) increase. The APAC region also experienced a significant rise, with an average of 2,934 attacks, up by 38%. However, Latin America experienced the most extreme growth in cyber attacks, with a jaw-dropping 108% YoY increase, reaching 2,640 attacks per organisation per week.
|
Region |
Avg Weekly Attacks per Org |
YoY Change ADVERTISEMENT
 |
|---|---|---|
|
Africa |
3,286 |
+39% |
|
APAC |
2,934 |
+38% |
|
Latin America |
2,640 |
+108% |
|
Europe |
1,612 |
+57% |
|
North America |
1,357 |
+40% |
The African countries mentioned in the research provide an insight into the dramatic nature of the increase in cyber attacks.
South Africa has a comparatively modest number of attacks at 1,884 per organisation per week. However, this represents a YoY rise of 69%! Nigerian organisations experience an average of 4,388 attacks per week (47% increase YoY), while Angolan organisations are attacked on average 4,727 week (+32% rise YoY). Kenyan organisations are attacked 4004 times per week on average (+14% YoY).
|
Region |
Avg Weekly Attacks per Org |
YoY Change |
|---|---|---|
|
Kenya |
4,004 |
+14% |
|
South Africa |
1,884 |
+69% |
|
Nigeria |
4,388 |
+47% |
|
Angola |
4,727 |
+32% |
Cyber Attacks by Industry
While no market sector is immune from cyber attack, the education sector was the hardest hit in Q1 2025, averaging 4,484 attacks per organisation each week—a staggering 73% increase from the previous year. The government sector followed closely, with 2,678 attacks per organisation per week, a 51% increase, while the telecommunications sector experienced the highest percentage increase, with a 94% jump, reaching 2,664 attacks per organisation weekly.
The growing reliance on digital infrastructure in these industries, coupled with their public-facing nature, makes these critical infrastructure sectors prime targets for cyber criminals looking to exploit vulnerabilities.
Ransomware Attacks Surge
Ransomware attacks continue to escalate, with a 126% increase compared to Q1 2024, totaling 2,289 reported incidents. North America accounted for the majority of ransomware attacks, representing 62% of all reported cases, followed by Europe at 21%.
The consumer goods & services sector was the most targeted by ransomware, making up 13.2% of reported attacks globally. Business services and industrial manufacturing sectors followed closely, accounting for 9.8% and 9.1%, respectively. Ransomware groups, particularly those involved in double-extortion tactics, are expanding their reach and impact across industries worldwide.
|
Industry |
Ransomware Victims (%) |
|---|---|
|
Consumer Goods & Services |
13.2% |
|
Business Services |
9.8% |
|
Industrial Manufacturing |
9.1% |
|
Healthcare & Medical |
7.2% |
|
Construction & Engineering |
6.5% |
To Combat Cyber Threats, Prevention-First Cyber Security Works
“The continued rise in cyber attacks underscores the need for more robust security measures. Organisations must prioritise strengthening their cyber security postures, including deploying advanced threat detection systems, training staff on cyber security best practices, and ensuring rapid incident response capabilities,” says Lionel Dartnall, Country Manager SADC, Check Point Software Technologies.
The rise in ransomware attacks, particularly in high-profile sectors like consumer goods & services, business services, and industrial manufacturing, highlights the critical need for organisations to implement robust backup strategies, network segmentation, and secure access controls to mitigate the impact of such threats.
Organisations must take proactive steps to safeguard their data and systems. Here are strategies inspired by best practices from Check Point Software:
- Enhance Security Posture: Regularly update and patch systems to close vulnerabilities. Multi-layered security measures, including firewalls and endpoint protection, are essential.
- Employee Training and Awareness: Regular training sessions can educate employees about the latest cyber threats and phishing tactics, fostering a culture of vigilance.
- Advanced Threat Prevention: Utilise technologies such as sandboxing and anti-ransomware tools to detect and block sophisticated attacks.
- Adopt Zero Trust Architecture: Implement strict identity verification for every person and device attempting to access network resources. This is particularly important to maintain hybrid cloud security.
- Regular Backups and Incident Response Planning: Ensure regular backups of critical data and develop comprehensive response plans to quickly address and mitigate the impact of attacks.
- Network Segmentation: Isolate critical systems to limit the spread of attacks and protect sensitive information.
- Vulnerability Management: Conduct regular vulnerability assessments and penetration testing, prioritising remediation efforts based on potential impact.
In the wake of increased cyber attacks, security leaders must prioritise cyber security that allows for increased visibility and control, adopting customised strategies to stop attacks before they can impact their business – and their bottom line.
Cyber security remains an ongoing battle, and businesses must remain vigilant to safeguard their assets, reputations, and the trust of their customers,” Dartnall concludes.
Keep an eye on new threats and the ever-changing threat landscape at Check Point Research.
