Findings spotlight major attack growth in certain sectors, with unique regional trends and public ransomware data guiding future threat vigilance.
An international cybersecurity firm’s analysis of its Q2 2025 incident data has found that average weekly attacks per client organization was 1,984, a 21% rise compared to the data in the same quarter of 2024.
Within the firm’s Q2 incident data review, the education sector in its user base had been the most heavily targeted, recording an average of 4,388 attacks per organization each week: a 31% year-on-year increase. Also:
- Government agencies and telecommunications providers in the user based followed closely, with weekly averages of 2,632 and 2,612 attacks, respectively.
- Regionally, the firm’s customers in Africa had seen the highest average volume of cyberattacks per organization, with 3,365 incidents weekly, followed by those in the Asia Pacific and Latin America regions. In contrast, those in Europe, though not leading in overall incident volume, had experienced the sharpest year-on-year growth in attacks in Q2, with a rise of 22% compared to data for the same region in Q2 2024.
- Ransomware activity was also monitored via public disclosures on so-called “shame sites,” revealing approximately 1,600 reported incidents globally for the quarter. Customers in North America and Europe had accounted for a combined 78% of these cases, although the firm notes that these figures likely understate the true scale of infections, as leak site data is inherently incomplete.
According to the Q2 analysis by Check Point Research, the data warrants its close tracking of the following trends within its protection ecosystem in the quarters ahead:
- Shifts in sector-specific targeting
- Regional variances in attack volumes
- Ongoing ransomware disclosures via public sources
The firm reminds all organizations that, while no single solution can completely eliminate cyber risk, cyber resilience can be significantly enhanced through the implementation of multiple coordinated layers of protection. This approach helps to reduce both the likelihood and impact of a successful attack.