Check Point Research’s latest Global Threat Intelligence Report for August 2025 shows that organisations worldwide faced an average of 1 994 cyberattacks per week and, while this marked a 1% decline from July, it represents a 10% increase YoY – reinforcing that the global cyberthreat landscape remains at historically high levels.
Regionally, Africa reported the highest average volume of cyberattacks at 3 239 weekly per organisation (-3%), while Asia-Pacific (2 877 weekly, +2% YoY) and Latin America (2 865 weekly, +6% YoY) also saw high volumes driven by rapid digitisation and uneven investment in cyber resilience.
Europe’s attacks rose by 13% YoY to 1 685 weekly incidents, and North America stood out with a 20% YoY spike to 1 480 weekly attacks with ransomware fueling the surge – the US alone accounted for 54% of all ransomware cases worldwide.
Of the four African countries included in the report, Angola suffered the most attacks at 3 648 per organisation per week (-37% YoY), followed by Kenya at 3 448 per organisation per week (-23% YoY), Nigeria 3 394 (-19% YoY), and South Africa 2 148 (+26% YoY).
“August’s threat data makes one thing clear: cyberattacks are intensifying in both volume and impact,” says Lorna Hardie, regional director: Africa, Check Point Software Technologies. “Africa’s top spot as the most attacked region in the world is cause for alarm. We as a continent need to be doing far more to raise cybersecurity awareness and implement the necessary measures to improve cyber resilience across the board.
“Education, telecoms, and agriculture are being targeted because they are essential and because attackers know disruption here creates maximum leverage,” Hardie adds.
The targets: Who and where
The education sector once again was the most targeted globally, experiencing an average of 4 178 weekly attacks per organisation last month (+13% YoY). This reflects both the sector’s ongoing digitisation, creating a wider attack surface, and its traditionally underfunded cybersecurity defences – making it an easy target for threat actors.
Telecommunications companies, vital to both business and consumer connectivity, suffered 2 992 weekly attacks (+28% YoY) highlighting their role as both critical infrastructure and a gateway to downstream targets.
Government institutions, a consistent focus for cybercriminals and nation-state actors, recorded 2 634 weekly attacks (+3%) while agriculture faced the most dramatic growth at 101% YoY with 1 667 attacks, underlining attackers’ interest in exploiting global supply chains and food security.
The industry’s heavy reliance on technology, IoT sensors, and drones makes it an attractive target for threat actors.
Ransomware escalation
Ransomware remained an extremely disruptive threat vector with 531 publicly reported incidents globally in August, up 14% YoY. North America was hit the most, accounting for 57% of reported cases followed by Europe at 24%.
By industry, industrial manufacturing (13,6%), business services (11,9%), and construction & engineering (10,4%) bore the brunt of attacks. Other sectors including healthcare, consumer goods, and financial services were also significantly impacted.
Leading ransomware groups included Qilin (16% of attacks), Akira (8%), and Inc. Ransom (6%) – the latter notably focusing on healthcare and education, both sectors which are critical to public trust and daily life.
Omer Dembinsky, data research manager at Check Point Research, says: “August’s threat data makes one thing clear: cyberattacks are intensifying in both volume and impact,” says Omer Dembinsky, data research manager at Check Point Research. “Education, telecoms, and agriculture are being targeted because they are essential and because attackers know disruption here creates maximum leverage.
“With ransomware rising and AI accelerating attack speed, the only sustainable path forward is a prevention-first, AI-powered strategy,” Dembinsky adds. “Organisations must move beyond detection to realtime prevention, protecting the network, cloud, endpoints, and identities in an integrated way.
“Only by doing so can we build resilience and safeguard critical services against relentless cyber adversaries,” he says.