//
1 min read

Check Point Reports 44% Surge in Global Cyber-Attacks in 2025

Check Point Software Technologies Ltd. has published its annual State of Global Cyber Security 2025 report, revealing a concerning 44% increase in global cyber-attacks compared to the previous year. The report provides insights into emerging cyber threats, evolving attack strategies, and offers guidance for Chief Information Security Officers (CISOs) to stay ahead of these growing risks.

“Cybersecurity in 2025 isn’t just about protecting networks; it’s about maintaining trust in our systems and institutions. The report underscores the rapid development of threats and stresses the importance of resilience when dealing with persistent and sophisticated adversaries,” said Maya Horowitz, VP of Research at Check Point Software.

The Check Point Threat Intelligence Report also focuses on India’s current cyber threat landscape, where organizations encountered an average of 3,291 attacks per week over the last six months, significantly higher than the global average of 1,847. The healthcare sector was the most targeted, with 8,614 attacks per organization each week, followed by Education/Research (7,983) and Government/Military (4,731). The report identifies prevalent malware in India, including Remote Access Trojans (RATs), the Formbook Infostealer, Maze Ransomware, and FakeUpdates botnets and downloaders.

India also experienced a significant data breach in May 2024, exposing 500 GB of biometric data, including fingerprints and facial scans of police, military, and public workers during elections. The breach, attributed to insecure databases managed by ThoughtGreen Technologies and Timing Technologies, highlights the vulnerabilities in India’s biometric systems.

Generative AI (GenAI) emerged as a key factor in cyber-attacks during 2024, contributing to disinformation campaigns, deepfakes, and facilitating financial theft. Infostealer attacks also rose by 58%, showing a more developed and sophisticated cyber threat environment. Personal devices, particularly in Bring Your Own Device (BYOD) settings, were increasingly targeted, with over 70% of infected devices being personal.

Key Findings from the 2025 Report:

  • Evolving Cyber Wars: Nation-states are moving from short-term attacks to long-term campaigns focused on eroding trust and destabilizing systems. AI-driven disinformation targeted one-third of global elections between September 2023 and February 2024.
  • Ransomware Evolution: Data exfiltration and extortion have overtaken traditional encryption-based attacks, simplifying operations and maximizing financial gains. Healthcare saw a 47% increase in attacks, becoming the second most targeted industry.
  • Edge Device Exploitation: Compromised routers, VPNs, and IoT devices have become key entry points for attackers, with over 200,000 devices controlled by advanced botnets like Raptor Train, often operated by state-sponsored actors.
  • Prevalent Vulnerabilities: 96% of exploits in 2024 leveraged vulnerabilities disclosed before the year, highlighting the critical importance of proactive patch management.
  • Targeted Industries: For the fifth consecutive year, education was the most attacked sector, with a 75% year-over-year increase in cyber-attacks.

Recommendations for CISOs:

  1. Strengthen BYOD Security: Establish strict security policies and deploy endpoint protection for devices accessing corporate networks.
  2. Invest in Threat Intelligence: Use AI-powered tools to detect and mitigate disinformation campaigns and emerging threats.
  3. Enhance Patch Management: Address known vulnerabilities proactively to reduce exposure to exploits.
  4. Secure Edge Devices: Protect routers, VPNs, and IoT devices from being used as relay points for cybercriminals.
  5. Focus on Resilience: Develop comprehensive incident response plans and maintain continuous monitoring to prepare for persistent threats.

Leave a Reply

Your email address will not be published.