Check Point report reveals 44% rise in cyber-attacks

Check Point Software Technologies has released its annual security report, The State of Global Cyber Security 2025, revealing a 44% increase in cyber-attacks worldwide over the past year.

This report, which draws on data from 170 countries, analyses evolving cyber threats, focusing on the increasing prevalence of ransomware. It also offers recommendations for Chief Information Security Officers (CISOs).

Maya Horowitz, Vice President of Research at Check Point Software, commented on the importance of the report's findings: "Cyber security in 2025 is not only about protecting networks; it's about safeguarding trust in our systems and institutions. The State of Global Cyber Security 2025 highlights the rapid evolution of threats and reinforces the need for resilience in the face of persistent and complex adversaries."

Significant changes have been observed in the role of generative AI (GenAI), notably in cyber-attacks throughout 2024. GenAI has been used for disinformation campaigns and deepfake videos to accelerate cyber-attacks, facilitate financial theft, and sway public opinion.

The report also highlights a 58% surge in information stealer attacks, indicating a mature cyber ecosystem. The attacks predominantly targeted personal devices, focusing on bring-your-own-device (BYOD) environments to compromise corporate resources.

The report illustrates several key findings on the state of cyber warfare. It points out that nation-states are moving from high-impact, acute attacks to chronic campaigns aiming to undermine trust and destabilise systems. Notably, AI-powered disinformation and influence campaigns impacted one-third of global elections between September 2023 and February 2024.

Ransomware tactics also evolved in 2024, shifting from traditional encryption-based attacks to data exfiltration and extortion methods. These tactics simplified operations while increasing financial gains. The healthcare sector witnessed a 47% spike in attacks and was identified as the second most targeted industry.

Exploiting edge devices like routers and VPNs were crucial in the cyber-attacks noted during this period. More than 200,000 devices were compromised and controlled by sophisticated botnets such as Raptor Train, managed by state-sponsored actors.

According to the report, a staggering 96% of exploits in 2024 were based on vulnerabilities disclosed before the year, underscoring the critical need for proactive patch management.

For the fifth year in a row, the education sector was the most targeted industry, with a 75% increase in attacks year over year.

The report outlines several recommendations for CISOs to effectively manage these ongoing challenges. One recommendation is strengthening BYOD security by enforcing strict policies and deploying endpoint protection. Another is to invest in threat intelligence through AI-driven tools to monitor and counter disinformation campaigns and address known vulnerabilities with robust patch management.

Furthermore, securing edge devices such as routers, VPNs, and IoT devices is emphasised to prevent their exploitation as operational relay points for attackers. Building resilience with a comprehensive incident response plan and continuous monitoring is also advised to prepare for persistent threats.