Check Point Research, the threat intelligence arm of the vendor Check Point Software, has released its Global Threat Intelligence Report for September 2025. Organisations worldwide each faced an average of 1,900 cyberattacks per week, a according to the report. While this marked a 4pc decrease from August, it represented a 1pc increase year-over-year, suggesting that global cyber threats remain at historically elevated levels.
GenAI new risks
With the rising use of Generative AI (GenAI) across business sectors, the researchers identified emerging risk from GenAI adoption: one in every 54 GenAI prompts from enterprise environments posed a high risk of sensitive data leakage, impacting 91pc of organisations that use GenAI tools regularly. An additional 15pc of prompts contained potentially sensitive information, such as customer details, proprietary code, or internal communications, underscoring the growing need for AI governance and data protection measures.
As for the impact by sector, education was again the most targeted globally, experiencing an average of 4,175 weekly attacks per organisation in September (down three per cent year on year). This targeting reflects both the sector’s rapid digital transformation, which expands its attack surface, and its typically underfunded cyber security defences, which make it a frequent and easy target for cybercriminals, according to the researchers.
The telecoms industry, vital to business continuity and consumer connectivity, suffered 2,703 weekly attacks per organisation (up six per cent, year on year), highlighting its dual role as critical infrastructure and an access point to downstream targets. Government institutions, a long-standing focus for both criminal and nation-state actors, recorded 2,512 weekly attacks (down six per cent on the year before).
Regionally, Africa reported the highest average number of weekly cyberattacks per organisation, followed by Latin America and APAC . Europe registered 1,577 weekly attacks (down one per cent on the previous year), while North America stood out with a 17pc year-over-year rise to 1,468 weekly attacks, driven in part by a sharp increase in ransomware incidents.
North America lead
Ransomware remained one of the most disruptive and financially damaging cyber threats, with 562 publicly reported incidents globally in September, up 46pc year-over-year. North America was the most affected region, accounting for more than half, 54pc of reported cases, followed by Europe (19pc). The United States alone represented 52pc of all published ransomware cases, followed by Korea (5pc) and the United Kingdom (4pc.
By industry, construction &and engineering sector was the most impacted sector by ransomware, representing 11.4pcof reported victims, followed by Business Services (11pc) and Industrial Manufacturing (10.1pc). Leading ransomware groups included Qilin, Play and Akira. Qilin, one of the most established RaaS (Ransomware-as-a-Service) groups, continues to expand aggressively, while Play and Akira are increasingly targeting critical sectors such as manufacturing and business services using Rust-based encryptors and advanced runtime controls.
What they say
Omer Dembinsky, Data Research Manager at Check Point Research, says, “September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying. Ransomware remains the most destructive force, while the emergence of GenAI-related data leakage adds a new dimension of risk for organisations. Cybercriminals will likely seek to exploit every innovation faster than users can adapt. The only sustainable defence is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities. Only through this approach can organisations stay ahead and protect critical operations from relentless adversaries.”
Skills gap
Meanwhile according to the 2025 Fortinet Global Skills Gap Report, 86pc of organizations saw at least one cyber breach in 2024, with near three in ten (28pc) reporting five or more. In 2021 the inaugural Fortinet Global Skills Gap Report found 80pc of organizations reported breaches, and only 19pc faced five or more. A cybersecurity skills shortage is a key contributor to increased breaches. More than half of those surveyed (54pc) indicated a lack of IT security skills and training as one of the leading causes of breaches in their organizations.
Carl Windsor, CISO at Fortinet said: “This year’s survey further underscores the urgent need to invest in cybersecurity talent. Without closing the skills gap, organizations will continue to face rising breach rates and escalating costs. The findings highlight an inflection point for both public and private sectors: Without bold action to build and retain cybersecurity expertise, the risks and costs will only continue to grow for our society.”
