Global cyber attacks surged to unprecedented levels in 2025, driven by the rapid integration of artificial intelligence and automation into attacker toolkits, according to the newly released Cyber Security Report 2026 from Check Point Software Technologies Ltd.
The report shows that organisations worldwide experienced an average of 1,968 cyber attacks per week in 2025, a roughly 70 % increase compared with 2023 data. This steep rise reflects how adversaries are combining speed, scale and sophistication by embracing AI and automated workflows in place of traditional manual methods.
“AI is changing the mechanics of cyber attacks, not just their volume,” said Lotem Finkelstein, Vice President of Research at Check Point Software. He noted that attackers are moving beyond basic automation to increasingly autonomous techniques that compromise systems more quickly and with far greater coordination than before.
AI and Automation: New Dimensions of Threat
The report highlights how artificial intelligence has become deeply embedded across multiple stages of the attack lifecycle. During a three-month survey period, 89 % of organisations encountered risky AI prompts, and roughly one in every 41 prompts was categorised as high risk. This penetration of AI into everyday business processes, including business software, collaboration tools, and cloud environments, has dramatically expanded attack surfaces and exposed new vulnerabilities.
Moreover, Check Point’s analysis revealed alarming weaknesses in AI infrastructure. In a coordinated study by Lakera, a Check Point company, 40 % of 10,000 Model Context Protocol (MCP) servers showed significant security vulnerabilities, highlighting the risks inherent in many organisations’ rapidly growing AI deployments.
In addition to AI-assisted attacks, the report shows ransomware continues to evolve into more fragmented and agile operations. Smaller, decentralised ransomware groups have proliferated, contributing to a 53 % year-over-year increase in extorted victims and a 50 % rise in new ransomware-as-a-service offerings. Adversaries are now leveraging automation not only for intrusion and lateral movement but also to accelerate negotiation phases and ransom demands.
Industry Implications: Revalidating Security for the AI Era
Check Point’s report warns that defending against this new class of threat requires more than incremental improvements to existing security stacks. Organisations must revalidate foundational protections, including network, endpoint, email, cloud and secure access service edge (SASE) controls, to withstand attacks operating at machine speed.
The report also advocates enhanced governance of AI usage itself. Rather than blocking enterprise AI, security leaders are urged to apply visibility and policy enforcement to both sanctioned and unsanctioned AI systems, reducing exposure to high-risk prompts and data misuse.
Finally, a prevention-first posture combined with unified visibility across hybrid environments, from on-premises to multi-cloud and edge networks, is essential to reduce blind spots and strengthen resilience against dynamic adversary behaviour.
As organisations grapple with an increasingly hostile and automated threat landscape, this latest Check Point analysis underscores the strategic urgency of integrating advanced security practices that can keep pace with adversaries leveraging the same AI technologies that enterprises are adopting for innovation.
Also Read: 5 Reasons HDDs Will Continue to Dominate Enterprise Storage in the AI Era
