Check Point Research has revealed growing concerns over the security risks associated with the rapid adoption of Generative AI tools. According to its December 2025 Global Cyber Attack Statistics report, the widespread use of Gen AI across enterprises is unintentionally exposing sensitive information, creating new opportunities for cybercriminals to exploit critical data.
The report highlights that organizations worldwide faced an unprecedented volume of cyber threats throughout 2025. On average, businesses endured approximately 2,027 cyber attacks per week, representing a 9% increase compared to 2024. This surge underscores the expanding attack surface driven by digital transformation, cloud adoption, and the increasing reliance on AI-powered tools.
Check Point’s findings indicate that the United States and the United Kingdom were the most heavily targeted regions, with more than 1,440 organizations attacked weekly. This marks a significant 39% rise in cyber incidents compared to December 2024, signaling a sharp escalation in threat activity across highly digitized economies.
While ransomware continues to be the dominant threat impacting industrial and enterprise operations, Check Point researchers warn that Gen AI adoption has introduced a new layer of risk. Sensitive corporate data is often being fed into AI systems without adequate security controls, governance frameworks, or data classification policies. This lack of oversight increases the likelihood of confidential information being leaked, stored insecurely, or later exploited by threat actors.
The Israeli-based cybersecurity firm also identified the most active ransomware groups operating in 2025. The Qilin ransomware gang, believed to be operating from Russia, was ranked as the most aggressive group through December 2025. It was followed by LockBit5 and Akira, which ranked second and third respectively. These groups primarily targeted Windows-based systems, virtualized environments, and increasingly, Linux infrastructures, reflecting attackers’ evolving technical capabilities.
In terms of affected sectors, government and education organizations were among the hardest hit, followed closely by non-profit institutions. Check Point attributes this vulnerability to outdated infrastructure, a shortage of in-house cybersecurity expertise, and the unsafe use of organizational data to train AI models without scientifically designed security controls. These weaknesses make such organizations attractive targets for attackers seeking high-impact breaches with minimal resistance.
Overall, the report emphasizes the urgent need for enterprises to implement stronger AI governance, modernize legacy systems, and invest in cybersecurity talent to mitigate emerging risks in an increasingly AI-driven threat landscape.
Join our LinkedIn group Information Security Community!
