Cyber-Attacks Increase 44% Amid Maturing Cyber Threat Ecosystem
January 23, 2025

With an alarming 44% increase in global cyber attacks year-over-year, the The State of Global Cyber Security 2025 from Check Point Software Technologies unveils new cyber trends, emerging threat actor tactics, and actionable CISO guidance for navigating this changing landscape unscathed.


"Cyber security in 2025 is not only about protecting networks; it's about safeguarding trust in our systems and institutions. The State of Global Cyber Security 2025 highlights the rapid evolution of threats and reinforces the need for resilience in the face of persistent and complex adversaries," said Maya Horowitz, VP of Research at Check Point Software.

The year 2024 was marked by the increasing role of generative AI (GenAI) in cyber-attacks. From disinformation campaigns to deepfake videos, GenAI was used to accelerate cyber attacks, steal money, and influence public opinion. At the same time, Infostealer attacks surged by 58%, revealing a maturing cyber ecosystem. Over 70% of infected devices were personal, as threat actors targeted bring-your-own device (BYOD) environments to breach corporate resources.

Key Findings from the 2025 Report

Evolving Cyber Wars: Nation-states are shifting from acute attacks to chronic campaigns aimed at eroding trust and destabilizing systems. AI-powered disinformation and influence campaigns targeted one-third of global elections between September 2023 and February 2024.

Ransomware Evolution: Data exfiltration and extortion overtook encryption-based attacks as the primary ransomware tactic, simplifying operations and maximizing payouts. Healthcare became the second most targeted industry, with a 47% increase in attacks year-over-year.

Edge Device Exploitation: Compromised routers, VPNs, and other edge devices served as key entry points for attackers. Over 200,000 devices were controlled by advanced botnets like Raptor Train, operated by state-sponsored actors.

Prevalent Vulnerabilities: 96% of exploits in 2024 leveraged vulnerabilities disclosed prior to the year, underscoring the importance of proactive patch management.

Targeted Industries: For the fifth consecutive year, education remained the most targeted industry, experiencing a 75% increase in attacks year-over-year

Recommendations for CISOs

Strengthen BYOD Security: Implement strict policies and deploy endpoint protection to mitigate risks from personal devices accessing corporate resources.

Invest in Threat Intelligence: Leverage AI-driven tools to monitor and preempt disinformation campaigns and emerging threats.

Enhance Patch Management: Address known vulnerabilities proactively to limit exposure to widespread exploits.

Secure Edge Devices: Implement robust security measures for routers, VPNs, and IoT devices to prevent them from becoming operational relay boxes for attackers.

Focus on Resilience: Prepare for persistent threats with comprehensive incident response plans and continuous monitoring.

Download The State of Global Cyber Security 2025

Share this

Industry News

February 10, 2025

Harness and Traceable have entered into a definitive merger agreement, creating an advanced AI-native DevSecOps platform.

February 10, 2025

Endor Labs announced a partnership with GitHub that makes it easier than ever for application security teams and developers to accurately identify and remediate the most serious security vulnerabilities—all without leaving GitHub.

February 07, 2025

Are you using OpenTelemetry? Are you planning to use it? Click here to take the OpenTelemetry survey.

February 06, 2025

GitHub announced a wave of new features and enhancements to GitHub Copilot to streamline coding tasks based on an organization’s specific ways of working.

February 06, 2025

Mirantis launched k0rdent, an open-source Distributed Container Management Environment (DCME) that provides a single control point for cloud native applications – on-premises, on public clouds, at the edge – on any infrastructure, anywhere.

February 06, 2025

Hitachi Vantara announced a new co-engineered solution with Cisco designed for Red Hat OpenShift, a hybrid cloud application platform powered by Kubernetes.

February 06, 2025

Onapsis announced Onapsis Control Central for SAP application security testing and custom code security supporting RISE with SAP transformations.

February 05, 2025

Progress announced its recognition in the 2025 Gartner Magic Quadrant for Digital Experience Platforms.

February 05, 2025

Copado announced comprehensive DevOps support for Salesforce Data Cloud deployments, enabling organizations to streamline the development and deployment of Agentforce solutions.

February 05, 2025

Appfire announced its acquisition of Flow, an enterprise software product for Software Engineering Intelligence (SEI), from Pluralsight.

February 04, 2025

Check Point® Software Technologies Ltd. announced new Infinity Platform capabilities to accelerate zero trust, strengthen threat prevention, reduce complexity, and simplify security operations.

February 04, 2025

WaveMaker announced the release of WaveMaker AutoCode, an AI-powered plugin for the Figma universe that produces pixel-perfect front-end components with lightning fast accuracy.

February 04, 2025

DoiT announced the acquisition of PerfectScale, an automated Kubernetes (K8s) optimization and governance platform.

February 03, 2025

Linux Foundation Europe and OpenSSF announced a global joint-initiative to help prepare maintainers, manufacturers, and open source stewards for the implementation of the EU Cyber Resilience Act (CRA) and future cybersecurity legislation targeting jurisdictions around the world.