Global cyber attacks jumped 44% last year
A new report from Check Point Software warns of new tactics from threat actors


The number of cyber attacks worldwide rose by 44% last year, fueled by evolving nation-state attacks and the increasing prevalence of generative AI.
In its annual report, Check Point Software said nation-states are changing their strategy, shifting from acute attacks to chronic campaigns aimed at eroding trust and destabilizing systems.
AI-powered disinformation and influence campaigns targeted a third of global elections between September 2023 and February 2024, researchers said.
The Russian-linked APT group CopyCop, for example, targeted the June 2024 US primary elections with fabricated news segments featuring deepfake portrayals of political figures, and the Islamic Revolutionary Guard Corps (IRGC) using 'hack-and-leak' tactics during the presidential elections.
"Cybersecurity in 2025 is not only about protecting networks; it’s about safeguarding trust in our systems and institutions," said Maya Horowitz, Check Point's VP of research.
"The State of Global Cyber Security 2025 highlights the rapid evolution of threats and reinforces the need for resilience in the face of persistent and complex adversaries."
The evolution of ransomware
Ransomware is also evolving, according to the report, with data exfiltration and extortion overtaking encryption-based attacks as the primary ransomware tactic, simplifying operations and maximizing payouts.
Get the ITPro daily newsletter
Sign up today and you will receive a free copy of our Future Focus 2025 report - the leading guidance on AI, cybersecurity and other IT challenges as per 700+ senior executives
The little-known ransomware group Dark Angels, for example, reportedly extracted a $75 million payment from one Fortune 50 company in 2024.
Healthcare became the second most targeted industry for ransomware, with a 47% increase in attacks year-over-year, highlighting a move away from any 'ethical' approach from ransomware groups.
Meanwhile, compromised routers, VPNs, and other edge devices served as key entry points for attackers last year, with more than 200,000 devices controlled by advanced botnets like Raptor Train, operated by state-sponsored actors.
The report highlights the rising tide of infostealers, with stolen data traded on platforms like Telegram or underground criminal marketplaces such as the Russian Market.
RELATED WHITEPAPER
"Following the decline of the big botnets, infostealers have become a significant and wide-scale threat. They offer cyber criminals efficient ways to steal credentials and session tokens, contributing to financial fraud and identity theft and acting as an entry point to corporate networks," said Check Point threat intelligence group manager Sergey Shykevich.
"As companies increasingly adopt remote work and bring-your-own-device policies, it is essential that they implement protective strategies."
AI attacks gain traction
A key talking point in the Check Point annual report centered around AI-powered financial crime. The security firm recorded a sharp increase in this regard across 2024 alongside supply chain attacks on open source projects.
Researchers warned that organizations will face increasing pressure this year thanks to new cyber security regulations, including the EU IoT Regulations, SEC Cyber Security Rules, the Digital Operational Resilience Act (DORA) and the NIS2 Directive.
CISOs, Check Point recommended, should strengthen BYOD Security, implementing strict policies and deploying endpoint protection.
They should also invest in threat intelligence and enhance patch management to address known vulnerabilities proactively and limit exposure to widespread exploits.
Edge devices should be secured, with robust security measures for routers, VPNs, and IoT devices; and they should focus on resilience, preparing for persistent threats with comprehensive incident response plans and continuous monitoring.
Emma Woollacott is a freelance journalist writing for publications including the BBC, Private Eye, Forbes, Raconteur and specialist technology titles.
-
Security experts issue warning over the rise of 'gray bot' AI web scrapers
News While not malicious, the bots can overwhelm web applications in a way similar to bad actors
By Jane McCallion Published
-
Does speech recognition have a future in business tech?
Once a simple tool for dictation, speech recognition is being revolutionized by AI to improve customer experiences and drive inclusivity in the workforce
By Jonathan Weinberg Published
-
Law enforcement needs to fight fire with fire on AI threats
News UK law enforcement agencies have been urged to employ a more proactive approach to AI-related cyber crime as threats posed by the technology accelerate.
By Emma Woollacott Published
-
Have I Been Pwned owner Troy Hunt’s mailing list compromised in phishing attack
Troy Hunt, the security blogger behind data-breach site Have I Been Pwned, has fallen victim to a phishing attack targeting his email subscriber list.
By Jane McCallion Published
-
300 days under the radar: How Volt Typhoon eluded detection in the US electric grid for nearly a year
Analysis Lengthy OT lifespans give attackers time to penetrate networks underpinning critical infrastructure and plan future disruption
By Solomon Klappholz Published
-
Cybersecurity teams face unparalleled pressure, but they’re stepping up to the plate
News While cybersecurity teams are contending with rising workloads and chronic staffing issues, new research shows practitioners are still charging ahead and meeting targets.
By Emma Woollacott Published
-
There’s a new ransomware player on the scene: the ‘BlackLock’ group has become one of the most prolific operators in the cyber crime industry – and researchers warn it’s only going to get worse for potential victims
News Security experts have warned the BlackLock group could become the most active ransomware operator in 2025
By Solomon Klappholz Published
-
Unlock profitability with Cove Data Protection
Whitepaper Agile risk management starts with a common language
By ITPro Published
-
Ransomware missteps that can cost you
Whitepaper Agile risk management starts with a common language
By ITPro Published
-
The big book of selling data protection
Whitepaper Agile risk management starts with a common language
By ITPro Published