October 2025 Sees Alarming Surge in Cyber Attacks, Ransomware Dominates

Do you need help with Cybersecurity or IT Management?

October 2025 witnessed a significant escalation in global cyber attacks, with ransomware emerging as the predominant threat. Organizations worldwide faced an average of 1,938 attacks weekly, a 2% increase from September and a 5% rise year-over-year. This trend highlights the persistent and evolving nature of cyber threats, driven by increasingly sophisticated ransomware operations and the growing risks associated with generative AI adoption.

Key Takeaways

Global cyber attacks averaged 1,938 per week in October 2025, a 2% increase from September.
Ransomware attacks saw a dramatic 48% year-over-year surge, with 801 reported incidents.
The education sector remained the most targeted industry, facing an average of 4,470 weekly attacks.
Latin America led in attack frequency, while North America experienced the sharpest year-over-year increase.
Generative AI tools introduced new risks, with 1 in 44 prompts posing a high risk of sensitive data leakage.

Industry and Regional Impact

The education sector continued to be the most heavily targeted, experiencing an average of 4,470 attacks per organization weekly, a 5% increase from the previous year. Telecommunications and government organizations followed, though government entities saw a slight decline in attacks. Notably, the hospitality sector experienced a significant 40% year-over-year increase in attacks.

Regionally, Latin America recorded the highest attack frequency with 2,966 weekly attacks per organization, a 16% rise. Africa and APAC saw decreases, but North America experienced a substantial 18% year-over-year increase in cyber attacks, indicating a renewed focus on its critical infrastructure and business services. European organizations also saw a 4% uptick.

The Rise of Generative AI Risks

The widespread adoption of generative AI (GenAI) tools has introduced new security vulnerabilities. In October, Check Point Research found that approximately 1 in every 44 GenAI prompts submitted through enterprise networks carried a high risk of sensitive data leakage. Alarmingly, 87% of organizations utilizing GenAI tools regularly encountered such risks, with an additional 19% of prompts containing potentially sensitive information. The use of these tools also increased by 8% among corporate users, with organizations averaging 11 different GenAI tools per month, many of which are likely unsupervised.

Ransomware Escalation and Key Actors

Ransomware activity surged by an alarming 48% in October 2025 compared to the same month in 2024, with 801 reported attacks. North America was the most affected region, accounting for 62% of incidents, with the United States being the primary target. Business services, consumer goods & services, and industrial manufacturing were the most impacted industries.

The Qilin ransomware group was the most active, responsible for 22.7% of all published attacks. Akira followed with 8.7%, and Sinobi, a newer entrant, accounted for 7.8%. These groups are increasingly leveraging sophisticated tactics, including exploiting critical IT vulnerabilities and employing double-extortion strategies.

Conclusion

October 2025’s cyber threat landscape underscores the growing opportunism of threat actors, who are exploiting geopolitical instability, AI-driven automation, and advanced extortion techniques. As ransomware groups continue to evolve and GenAI risks proliferate, organizations must prioritize robust threat prevention, data security, and AI governance strategies to effectively defend against the escalating cyber threats.