Cyber attacks increase by 44 percent. Highlights of the 13th annual report with data from 170 countries include an analysis of cyber warfare, the spread of ransomware and recommendations for CISOs

Check Point Software Technologies Ltd. (NASDAQ: CHKP), a pioneer and leading global provider of cyber security solutions, has published its annual report ‘The State of Global Cyber Security 2025’. In the face of an alarming 44 per cent increase in global cyber attacks compared to the previous year, the report reveals new cyber trends, new hacker tactics and provides guidance to CISOs on how to get through the year unscathed.

‘Cybersecurity in 2025 is not just about protecting networks, but also about protecting trust in our systems and institutions. The State of Global Cybersecurity 2025 study shows the rapid evolution of threats and underscores the need for resilience in the face of persistent and sophisticated attackers,’ said Maya Horowitz, VP of Research at Check Point Software Technologies.

The year 2024 was marked by the increasing role of generative AI (GenAI) in cyber attacks. From disinformation campaigns to deepfake videos, GenAI was used to accelerate attacks, steal money and influence public opinion. At the same time, infostealer attacks increased by 58 per cent, indicating a mature cyber ecosystem. More than 70 per cent of infected devices were private, as hackers targeted bring-your-own-device (BYOD) environments to penetrate corporate networks.

Key findings of the 2025 report:

• Cyber-wars: Nation states are moving from acute attacks to ongoing campaigns aimed at undermining trust and destabilising systems. AI-powered disinformation and influence campaigns targeted one-third of the world’s elections between September 2023 and February 2024.
• Ransomware evolution: Data theft and extortion have replaced encryption-based attacks as the primary ransomware tactic, simplifying operations and maximising payoffs. Healthcare became the second most targeted industry, with a 47 per cent increase in attacks compared to the previous year.
• Exploitation of edge devices: Compromised routers, VPNs and other edge devices served as important entry points for attackers. Over 200,000 devices were controlled by advanced botnets such as Raptor Train, operated by state-backed actors.
• Widespread vulnerabilities: A staggering 96 per cent of exploits in 2024 used vulnerabilities that had already been disclosed, highlighting the importance of ongoing patch management.
• Sector differences: For the fifth consecutive year, education was the most targeted sector, with the number of attacks increasing by 75 per cent year on year.

Recommendations for CSOs.

• 1. Strengthen BYOD security: Strict policies should be implemented and endpoint protection enforced to minimise risks from private device access to corporate networks and applications.
• 2. Invest in threat intelligence: AI-driven tools can help monitor and pre-empt disinformation campaigns and emerging threats.
• 3. Improve patch management: Known vulnerabilities must be patched quickly to limit exposure to widespread attacks.
• 4. Secure edge devices: Robust security measures for routers, VPNs and IoT devices are needed to prevent them from becoming operational relay boxes for attackers.
• 5. Focus on resilience: The company must be prepared for ongoing threats. This requires comprehensive response plans and continuous monitoring.

Read the full report here: https://www.checkpoint.com/security-report