#None #Cybersecurity #Ransomware #Check Point

Overview of Cyber Threats in July 2025

Check Point Research (CPR), a global leader in cyber security solutions, has recently unveiled its Global Threat Intelligence Report for July 2025. This report underscores the rapid expansion and sophistication of cyber attacks faced globally, revealing that organizations are experiencing an average of 2,011 weekly cyber attacks, marking a 10% increase from the previous year. The most targeted sectors include education and research, telecommunications, and government/military.

Key Findings

1. Weekly Cyber Attacks: Organizations globally are experiencing an average of 2,011 cyber attacks per week, a rise of 10% year-on-year.
2. Most Targeted Industries: The education and research sector emerged as the most frequently targeted, with an average of 4,248 attacks per week, followed by telecommunications (2,769 attacks) and government/military (2,745 attacks).
3. Rapidly Increasing Threats: The agriculture sector is witnessing a staggering 81% increase in cyber attacks year-on-year, indicating a shift in focus for attackers.
4. Regional Insights: The Asia-Pacific (APAC) region reported the highest average number of attacks per organization at 3,403, followed by Latin America (2,917) and North America (2,870). Europe showed the highest growth rate at 15% from the previous year.
5. Ransomware Surge: July recorded a 28% increase in reported ransomware attacks, amounting to 518 incidents, primarily concentrated in North America (52%) and Europe (25%).

Ransomware Landscape

Ransomware remains one of the most significant threats in cybersecurity, with a few highly active groups responsible for the majority of global attacks. The three most prominent groups identified in the July report are Qilin, Inc.Ransom, and Akira, each utilizing distinct methods while sharing a common goal of maximizing damage and financial gain.

Qilin

Qilin is reportedly responsible for 12% of all ransomware incidents noted in July. Operating as a Ransomware-as-a-Service (RaaS) platform coded in Golang, it particularly targets major companies in the healthcare and education sectors. Qilin typically gains access through phishing emails containing malicious links, moves laterally within networks to encrypt systems, and steals sensitive data for double extortion.

Inc.Ransom

Active since mid-2023, Inc.Ransom accounts for about 9% of ransomware incidents in July. This group has a clear victim profile, targeting 33% of healthcare institutions and 10% educational entities in the second quarter of 2025. Notably, these sectors often remain off the radar for many cybercriminals. Inc.Ransom operates a dual-site structure comprising a negotiated portal with authentication and a public leak site, expanding its capabilities across Windows and Linux payloads.

Akira

Akira is believed to be associated with around 8% of ransomware incidents. Active since early 2023, it uses symmetric encryption techniques to target both Windows and Linux systems, often spreading through compromised VPN endpoints or malicious email attachments. Akira appends the “.akira” extension to encrypted files and demands a ransom for the decryption key.

Conclusion

The threat landscape as of July 2025 underscores the untenable reality that no sector or region can escape from cyber attacks. As ransomware groups diversify their tactics and target new industries, the risk for businesses of all sizes continues to grow. Emphasizing the importance of AI-driven security strategies that prioritize prevention is deemed crucial for mitigating attacks before they occur. CPR is committed to tracking these developments and providing actionable intelligence to help organizations manage emerging threats effectively.

Lotem Finkelstein, Director of Threat Intelligence and Research at Check Point, highlighted, "The data from July 2025 demonstrates that ransomware is not just surviving but evolving rapidly, with groups like Qilin extending their attacks to high-value targets. These attacks aim at organizations across all regions worldwide, reaffirming that an AI-driven, prevention-first strategy is the only way to counter these threats."

Check Point Research continues to empower organizations by delivering timely intelligence on cyber threats, ensuring they remain one step ahead in the ever-shifting landscape of cybersecurity.