Organizations in India are facing over 3,000 cyberattacks every week, as the threat landscape continues to evolve with new risks introduced by Generative AI (GenAI). According to the latest Global Threat Intelligence Report by Check Point Research (CPR), enterprises in India experienced an average of 3,042 weekly cyberattacks, marking an 11% year-on-year decline. However, the overall threat environment remains highly active, especially with the rising challenge of data exposure from GenAI usage.
Globally, organizations encountered an average of 1,900 cyberattacks per week in September 2025, showing a 1% increase year-on-year despite a slight month-on-month dip. CPR’s findings indicate that while overall attack volumes have stabilized, the complexity and sophistication of threats are intensifying.
GenAI Emerges as a New Risk Frontier
The widespread adoption of GenAI tools is creating new avenues for data exposure. CPR’s research found that 1 in every 54 GenAI prompts within enterprise environments posed a high risk of sensitive data leakage, impacting 91% of organizations using these tools. Another 15% of prompts contained potentially sensitive data, including customer information, proprietary code, and internal communications.
This underscores the urgent need for robust AI governance and data protection frameworks, as enterprises grapple with balancing AI innovation and cybersecurity.
Education, Government, and Construction Sectors Hit Hardest
In India, the education sector remains the most frequently targeted industry, followed by government and construction & engineering. This mirrors global trends, where education continues to face the highest attack rates — 4,175 weekly attacks per organization on average. The sector’s rapid digital adoption, coupled with limited cybersecurity funding, makes it an attractive target for cybercriminals.
The telecommunications and government sectors also remain under pressure globally, with thousands of weekly attacks driven by their critical infrastructure roles and potential access to downstream systems.
Ransomware Continues Its Global Rampage
Ransomware remains the most destructive cyber threat, with 562 publicly reported incidents worldwide in September 2025 — a 46% surge year-on-year. North America was the hardest hit, accounting for 54% of all reported cases, followed by Europe (19%). By sector, Construction & Engineering led ransomware victims (11.4%), followed by Business Services (11%) and Industrial Manufacturing (10.1%).
Leading ransomware groups such as Qilin (14.1%), Play (9.3%), and Akira (7.3%) are increasingly deploying Rust-based encryptors and advanced runtime controls, targeting critical sectors and expanding their reach.
“A Prevention-First Strategy Is Crucial”
“September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying,” said Omer Dembinsky, Data Research Manager at Check Point Research. “Ransomware remains the most destructive force, while the emergence of GenAI-related data leakage adds a new dimension of risk. The only sustainable defense is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities.”
As organizations continue to embrace GenAI and digital transformation, CPR warns that cybercriminals are evolving just as fast — if not faster. A proactive, AI-driven defense posture is now essential to stay ahead of emerging risks and protect mission-critical operations.