New Delhi: The latest Global Threat Intelligence Report from Check Point Research (CPR) has reported that organisations in India continue to face a high volume of cyber threats, averaging 3,042 attacks per week.
While this marks an 11% decline year-over-year, the report highlights that cyberattacks remain at historically elevated levels.
Globally, organizations faced an average of 1,900 weekly cyberattacks in September 2025, showing a 4% decline from August but a slight 1% increase compared to last year. Despite periodic drops, the data indicate that cyber risks remain persistent across regions and industries.
The education sector continues to be the most targeted industry in India, followed by government and construction & engineering. The consistent targeting of educational institutions reflects their rapid digital adoption coupled with limited cybersecurity resources, making them frequent targets for cybercriminals.
GenAI Adoption Fuels New Data Exposure Risks
The report identifies a growing risk tied to the widespread use of Generative AI (GenAI) tools within enterprises. Check Point Research found that 1 in every 54 GenAI prompts from enterprise environments posed a high risk of sensitive data leakage, impacting 91% of organizations that regularly use GenAI tools.
An additional 15% of prompts contained potentially sensitive information, such as customer data, proprietary code, or internal communications. This trend underscores the urgency for AI governance and data protection measures to manage risks emerging from everyday use of GenAI platforms.
Sector and Regional Trends
As per the report, the education sector experienced an average of 4,175 weekly attacks per organization globally, a 3% decline year-over-year, yet remained the top target. The telecommunications industry followed with 2,703 weekly attacks (+6% YoY), emphasizing its dual role as critical infrastructure and a potential entry point for attackers. Government institutions saw 2,512 weekly attacks (–6% YoY).
Regionally, Africa reported the highest number of weekly attacks per organization at 2,902, followed by Latin America (2,826) and APAC (2,668). North America, however, recorded a 17% year-over-year surge to 1,468 weekly attacks, largely driven by a spike in ransomware activity.
Ransomware Remains the Most Disruptive Threat
The report highlights that ransomware continues to dominate the global threat landscape, with 562 publicly reported incidents in September — a 46% increase year-over-year.
The Construction & Engineering sector topped the list of victims, comprising 11.4% of attacks, followed by Business Services (11%) and Industrial Manufacturing (10.1%). Leading ransomware groups included Qilin (14.1%), Play (9.3%), and Akira (7.3%), all of which continue to target critical industries using advanced techniques.
Expert Insights
Omer Dembinsky, Data Research Manager at Check Point Research, said, “September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying. Ransomware remains the most destructive force, while the emergence of GenAI-related data leakage adds a new dimension of risk for organizations. Cybercriminals will likely seek to exploit every innovation faster than users can adapt. The only sustainable defense is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities. Only through this approach can organizations stay ahead and protect critical operations from relentless adversaries.”
Also Read
Kaspersky Blocks Over 7 Lakh Exploit Attacks on Indian Enterprises, Recommends Security Measures
