#Japan #Cybersecurity #Tokyo #Ransomware #Check Point

The Rising Tide of Cyber Threats: Understanding the 2025 Update

In December 2025, Check Point Research (CPR) released alarming statistics regarding global cyber threats, revealing a considerable surge in ransomware attacks and a pronounced regional concentration of cyber crimes. The latest data shows a 60% yearly increase in ransomware incidents, with Qilin, an active threat actor, leading the charge against Japanese companies.

Overview of Cyber Attack Statistics

Based on the data, the average number of weekly attacks per organization surged to 2,027 in December, marking a 1% rise from the previous month and a striking 9% increase compared to December of the prior year. Latin America leads in attack frequency, averaging 3,065 attacks per organization weekly—an increase of 26% year-over-year, highlighting how cybercriminals are exploiting varying security maturity levels across organizations amid rapid digitalization.

On the ransomware front, December alone witnessed 945 reported attacks, a staggering 60% increase from the same month last year. Qilin, known for its significant attack on a major beverage company in Japan in September 2025, accounted for 18% of all ransomware incidents during this period. The prevalence of ransomware continues to disrupt businesses globally, leading to operational halts, financial losses, and data extortion. Notably, 52% of the reported ransomware incidents originated in North America, followed by Europe at 23%, reaffirming the concentration of threats in economically lucrative regions.

Omer Dembinsky, CPR's Data Research Manager, emphasizes the evolving nature of cyber risks, stating, "The December 2025 data illustrates that cyber threats are no longer sporadic but rather pose continuous pressure. As ransomware expands across industries, unmanaged AI usage brings extensive data breach risks to organizations. Moving into 2026, all entities must prioritize security frameworks, real-time intelligence against AI threats, and stringent governance over AI tools to mitigate these risks."

Industries Most Affected

Education and research sectors remain the top targets for cyber attacks, with an average of 4,349 attacks per organization weekly in December 2025, a 12% increase from the previous year. The substantial number of users, open digital environments, and aging infrastructure make these organizations particularly vulnerable.

Following closely are government and military sectors, suffering an average of 2,666 weekly attacks. Non-profit organizations also experienced significant growth, with a 56% increase year-over-year, averaging 2,509 attacks each week. The limited resources available for cybersecurity in these areas, combined with increasing digital dependence, elevate the associated risks.

Notably, the regional concentration of attacks is evident. While Latin America saw a 26% surge, the Asia-Pacific (APAC) region continues to be a prime target with an average of 3,017 attacks per organization weekly. North America’s primarily ransomware-driven incidents contributed to a 15% increase, averaging 1,438 attacks per organization. Europe followed with an increase of 9%, reporting 1,677 weekly attacks. In stark contrast, attacks on Africa have diminished, reflecting a shift in focus rather than a decrease in threat levels.

Data Breach Risks from Generative AI

The rise of generative AI tools in corporate environments introduces new cybersecurity and data protection challenges. In December 2025, notable findings included:

• - 1 in 27 generative AI prompts posed a high risk of confidential data breaches
• - 91% of organizations employing generative AI tools reported high-risk prompt activities
• - 25% of prompts contained potentially confidential information
• - Organizations utilized on average 11 generative AI tools, generating about 56 prompts monthly

The primary risk uncovered by these findings is the improper control and sanitization of confidential data uploaded to third-party generative AI services, often occurring outside organized security management protocols. The most frequently breached data categories include personally identifiable information (PII), internal network artifacts, and unpublished source code.

Organizations must monitor and restrict what data is uploaded to various AI platforms, given that employees typically use around 11 generative AI tools. The findings suggest a critical gap in visibility, control, and cybersecurity governance, elevating the risks of data loss and AI-driven cyber attacks.

Conclusion: The Persistent Risk Landscape Ahead

As we conclude 2025, the surge of ransomware activities continues with Qilin dominating the landscape, accounting for 18% of all reported attacks. LockBit5 follows with 12% involvement, and Akira stands at 7%, still targeting Windows, Linux, and virtual ESXi environments. The growth of Ransomware-as-a-Service (RaaS) models further lowers the barrier for attackers, fueling an upsurge in global ransomware activities.

The data from December 2025 indicates not just short-term fluctuations but a long-term sustainability of ransomware threats and structural data risks stemming from generative AI. To effectively reduce cyber risks in 2026, organizations must focus on enhancing resilience against ransomware, deploying AI-driven preventative strategies, and establishing clear governance for generative AI use. For more in-depth insights into December 2025's cyber-attack trends, visit Check Point Research's blog.

• ---