Latin America has overtaken Africa as the most cyber attacked region, according to Check Point Software Technologies research. The cyber security company attributes the development mainly to Africa’s increased investment in cyber security, especially external risk management.
Check Point this week released its Global Threat Intelligence Report for October 2025, which revealed that organisations worldwide each faced an average of 1 938 cyber attacks per week, which represents a 2% increase from September and a 5% rise year on year (YOY).
Latin America averaged 2 966 attacks per organisation per week (16% increase YOY), followed by Africa, with 2 782 (15% reduction YOY).
Europe saw a moderate 4% rise, while North America recorded the steepest increase, with 18% YOY growth, driven in part by intensified ransomware threats.
Of the four African countries covered in the report, Angola averaged 3 254 attacks per organisation per week (-53% YOY), followed by Kenya at 2 939 attacks per organisation per week (-17% YOY), Nigeria at 2 779 attacks per organisation per week (-33% YOY) and SA at 1 878 attacks per organisation per week (+9%).
Ian Janse van Rensburg, security engineering manager: Africa at Check Point Software Technologies, says Africa is increasing its spending on cyber security, particularly East and West Africa.
“Investment in external risk management to proactively identify potential risks and vulnerabilities within organisations' systems is also increasing. African organisations are also improving their ability to mitigate DDOS (distributed denial of service) attempts, and these efforts appear to be paying off,” he says.
He adds, however, that cyber criminals are opportunistic by nature, and dark web intelligence could highlight continental vulnerabilities, which could explain Latin America's lead in the number of cyber attacks in October.
“It could also be that a lack of cyber spending in Latin America made the continent more of a target last month,” says Janse van Rensburg.
Ransomware threat spike
The research shows that ransomware remained one of the most damaging cyber threats, with 801 publicly reported incidents globally in October, marking a 48% YOY increase. North America accounted for 62% of all reported cases, followed by Europe (19%). The US alone represented 57% of global incidents, followed by Canada (5%) and France (4%).
By industry, business services (12%), consumer goods and services (10.5%), and industrial manufacturing (10.4%) were the most impacted.
The leading ransomware groups in October were Qilin (22.7%), Akira (8.7%) and Sinobi (7.8%), collectively responsible for nearly 40% of reported attacks.
GenAI tools
With the enterprise use of GenAI tools expanding rapidly, Check Point Research identified increasing exposure to sensitive data.
In October, one in 44 GenAI prompts submitted from enterprise networks posed a high risk of data leakage, impacting 87% of organisations that use GenAI regularly. An additional 19% of prompts contained potentially sensitive information such as internal communications, customer data or proprietary code.
According to Check Point, these risks coincide with an 8% increase in average daily usage among corporate users. Notably, there’s a relative increase in the exposure of source code and credentials compared to other data types such as PII and financial information. While some usage occurs through managed tools, organisations still average 11 different GenAI tools per month – most of which are likely unsupervised.
The education sector remained the most targeted globally, averaging 4 470 weekly attacks per organisation (+5% YOY). The telecommunications industry followed with 2 583 weekly attacks (+2% YOY), while government institutions faced 2 550 attacks per week (-2% YOY), reflecting ongoing targeting of critical services and data-rich environments.
Check Point also noted the high 40% YOY increase in the hospitality sector as the holiday season approaches, climbing from eighth to fifth in the top attacked industries this month.
Omer Dembinsky, data research manager at Check Point Research, adds: “October’s data shows that along with the overall number of attacks climbing, the real concern is in the eventual results shown, for example, in the surge of successful ransomware attacks. In addition, the risks of data exposure via GenAI and other means threaten to provide the attackers with additional tools to carry out future attacks. This evolution creates new challenges for defenders. The only effective approach is prevention-first, powered by real-time AI and proactive threat intelligence to block attacks before they cause damage.”
Share