According to a new study by Check Point, organizations in Europe, the Middle East, and Africa (EMEA) face an average of 1,679 cyberattacks per week.
The research firm also observed a 58% increase in info stealer attacks targeting organizations in the region over the past year.
Check Point added that it observed more than 10 million stolen credentials associated with EMEA organizations available for sale on the dark web.
These insights came to light during the company’s CPX 2025 Vienna conference on February 4th where they launched their latest EMEA Cyber Threat Intelligence report.
Cyber Threats Statistics Across EMEA
Check Point’s research reveals that organizations in EMEA faced an average of 1,679 cyberattacks per week in the past six months, slightly below the global average.
Education and Research emerged as the most targeted industry in the region, with 4,247 weekly attacks per organization—aligning with global trends.
Other most attacked industries in EMEA include: Communications, Military, and Healthcare.
The list of Education and Research, Communications, Military, and Healthcare aligned with Check Point’s top four global trends.
Africa was the most targeted region in the EMEA with Ethiopia suffering the highest volume of attacks followed by Uganda, Angola, and Ghana.
Other trends observed in EMEA
- Phishing remains a dominant attack vector as the study found that 62% of malicious files in the region were delivered via email.
- There appears to be a shift in ransomware methodologies where now ransomware actors instead of encrypting critical assets, rather steal sensitive corporate data to sell.
- The top malware facing the region was FakeUpdates also known as SocGholish.
- Disinformation powered by Artificial Intelligence (AI) comes from all kinds of adversaries, including hacktivists and nation-state groups.
What are they saying?
“Cybercriminals are no longer just breaching systems—they are selling access. The rise of infostealers and initial access brokers has created an underground marketplace where stolen credentials fuel a wider range of cyberattacks, including ransomware and financial fraud,” said Sergey Shykevich, Check Point’s Group Manager of Threat Intelligence.
“The shift toward data-leak extortion presents a more insidious risk—organizations are no longer just facing operational disruptions but also the public exposure of sensitive data. Security strategies must evolve to focus on early detection, strong data encryption, and robust access controls to mitigate these threats,” said Omer Dembinsky, Data Research Group Manager at Check Point Software.
“Organisations must rethink cloud security. Attackers are no longer just breaching on-premises systems—they are embedding themselves into cloud environments, targeting credentials, and leveraging legitimate mechanisms to facilitate bidirectional lateral movement. A proactive security approach is critical,” said Michael Abramzon, Threat Intelligence and Research Architect at Check Point Software.
About Author
