By 
Global Cyber Attacks Rise Sharply in January 2026
Global cyber attacks escalated in January 2026, driven by rising ransomware activity and growing data exposure linked to Generative AI (GenAI) adoption, according to new findings from Check Point Research, the Threat Intelligence arm of Check Point® Software Technologies Ltd. (NASDAQ: CHKP).
RELATED: Global cyberattacks surge to driven by ransomware and GenAI risks
The report revealed that organisations worldwide faced an average of 2,090 cyber-attacks per week, representing a 3 per cent increase from December 2025 and a 17 per cent year-on-year (YoY) rise, underscoring mounting pressure on global digital infrastructure.
Nigeria Records Highest Attack Volume in Africa
Among the African countries analysed, Nigeria recorded the highest number of cyber-attacks, with organisations experiencing 4,701 attacks per week, a 12 per cent YoY increase, up from 4,622 attacks in December 2025.
Other African countries recorded mixed trends:
- Angola: 4,512 attacks per organisation per week, down 7% YoY
- Kenya: 2,172 attacks per week, down 41% YoY
- South Africa: 2,145 attacks per week, up 36% YoY
Overall, Africa averaged 2,864 attacks per organisation per week, reflecting a 6 per cent decline year-on-year, with attacks concentrated on government, financial services, and consumer goods and services sectors.
Cyber Attacks Becoming More Sophisticated – Check Point
Commenting on the findings, Ian van Rensburg, Head of Security Engineering for Africa at Check Point Software Technologies, said attackers are becoming more opportunistic and refined.
“January’s data shows that cyber-attacks are not only increasing but becoming more refined and opportunistic. This is a red flag for African organisations focused on rapid digital transformation, to ensure their cybersecurity hygiene matches the rollout of their technology,” he said.
Van Rensburg warned that unchecked GenAI usage is creating new blind spots for organisations, stressing that prevention-first, AI-powered real-time protection remains the most effective defence against modern cyber threats.
GenAI Adoption Fuels Data Exposure Risks
The rapid adoption of Generative AI tools across enterprises is introducing significant data leakage risks, the report found.
In January, one in every 30 GenAI prompts submitted from corporate networks posed a high risk of sensitive data exposure, impacting 93 per cent of organisations using GenAI tools.
Many prompts contained potentially sensitive information, including:
- Internal corporate documents
- Personally identifiable information
- Customer data
- Proprietary source code
On average, organisations used 10 different GenAI tools per month, many of which operate outside formal governance frameworks, increasing exposure to accidental data leaks, ransomware infiltration, and AI-powered cyber attacks.
Education, Government and Telecoms Most Targeted Sectors
Globally, the Education sector remained the most attacked, with institutions averaging 4,364 weekly attacks per organisation, a 12 per cent YoY increase.
This was followed by:
- Government: 2,759 attacks per week (+8% YoY)
- Telecommunications: 2,647 attacks per week (+8% YoY)
The rise in telecom attacks reflects increasing targeting of connectivity infrastructure, 5G networks, and digital ecosystems.
Regional Trends: Latin America Leads Attack Volumes
By region, Latin America recorded the highest attack volumes at 3,110 attacks per organisation per week, a 33 per cent YoY increase.
Other regions recorded:
- Asia-Pacific (APAC): 3,087 attacks (+7% YoY)
- Africa: 2,864 attacks (−6% YoY)
- Europe: +18% YoY increase
- North America: +19% YoY increase
Ransomware Activity Climbs 10% Year-on-Year
Ransomware remained one of the most destructive cyber threats in January, with 678 publicly reported incidents, marking a 10 per cent increase compared to January 2025.
North America accounted for 52 per cent of global ransomware cases, followed by Europe (24%), confirming attackers’ continued focus on high-value economic regions.
The United States alone represented 48 per cent of global ransomware victims, followed by:
- United Kingdom (5%)
- Canada (4%)
- Germany (4%)
- Italy (3%)
- Spain (3%)
Business Services Most Impacted by Ransomware
Across industries, Business Services was the most affected sector, accounting for 33 per cent of ransomware incidents, followed by:
- Consumer Goods & Services: 15%
- Industrial Manufacturing: 11%
These sectors remain prime targets due to their dependence on operational continuity and the high leverage disruption provides to cybercriminals.
The most active ransomware groups in January were Qilin (15%), LockBit (12%), and Akira (9%), collectively responsible for a significant share of disclosed attacks.
