Global Cyber Attacks Surge 21% in Q2 2025, Education Sector Hit Hardest – Report

Global cyberattacks surged in the second quarter (Q2) 2025, climbing by 21% year-over-year, according to new data from Check Point Research.

Driven by increasingly sophisticated tactics, AI-powered threats, and a widening digital attack surface, the spike underscores the growing pressure on organizations to bolster their cyber defenses in an era where no sector is off-limits.

Findings from the research revealed that in Q2 2025, the average organization faced 1,984 weekly cyber attacks, marking a 21% year-on-year increase and a 58% rise compared to two years ago. In July, the average number of cyber attacks per organization per week reached 2,011. That’s a 3% increase from the previous month and a 10% rise compared to July 2024. The steady climb highlights how persistent and adaptable threat actors continue to be.

While the long-term upward trend continues, industry and region-specific data revealed notable developments, including sustained targeting of the education sector and significant growth in attacks across Europe.

Education Remains the Prime Target

The education sector once again topped the list, enduring 4,388 weekly cyber attacks per organization, a 31% increase compared to Q2 2024. Government organizations followed with 2,632 weekly attacks (+26% YoY), while telecommunications saw a sharp surge to 2,612 weekly attacks (+38% YoY).

The report notes that the education sector’s vulnerability lies in its often underfunded security infrastructure and the abundance of exploitable credentials. Government agencies remain attractive for their sensitive data and geopolitical value, while telecommunications providers are being targeted for their critical infrastructure and access to vast customer datasets.

Europe Leads in Growth

Regionally, Africa experienced the highest average volume at 3,365 weekly attacks per organization (+14% YoY), followed by APAC at 2,874 (+15%) and Latin America at 2,803 (+5%).

However, Europe stood out with a 22% year-on-year growth, the largest regional increase, driven by geopolitical tensions, regulatory fragmentation, and the region’s dense concentration of high-value data.

Ransomware Remains a Major Threat

Public data from double-extortion “shame sites” revealed around 1,600 ransomware incidents globally in Q2 2025. North America accounted for 53% of these disclosures, while Europe contributed 25%.

Business services (10.7% of reported victims), industrial manufacturing (9.8% of reported victims), and construction & engineering (9.5% of reported victims) were the top three industries affected by ransomware.  Other impacted sectors ranged from healthcare to government and transportation, underscoring ransomware’s broad reach.

To better combat the surging threat of cyberattacks, organizations are advised to do the following;

Invest in threat prevention: Use advanced security technologies such as intrusion prevention systems (IPS), anti-ransomware tools, and threat intelligence to block attacks before they cause damage.

Strengthen endpoint and network defenses: Implement robust firewalls, email security, and endpoint protection platforms to reduce attack surfaces.

Promote user awareness: Run regular training and simulated phishing exercises to help employees recognize and report suspicious activity.

Ensure backup and recovery readiness: Maintain up-to-date, segmented backups and test recovery processes regularly to limit downtime in the event of ransomware or other disruptions.

Adopt zero trust principles: Continuously verify access permissions and segment networks to minimize lateral movement.

Stay informed: Monitor threat intelligence feeds and industry alerts to anticipate emerging threats.

However, while no single solution can completely eliminate cyber risk, organizations can significantly enhance their resilience by implementing multiple coordinated layers of protection. This approach helps to reduce both the likelihood and impact of a successful attack.