Increase in cyber attacks on Swiss companies in the first quarter of 2025

Check Point Research (CPR), the threat intelligence division of Check Point® Software Technologies Ltd.a leading provider of cyber security solutions, has published its cyber attack statistics for the period Q1 2025.

Highest increase in Switzerland

In Germany, general cyber attacks increased significantly compared to the first quarter of 2024 (+55%). The increase was even greater in Austria (+69%) and Switzerland (+113%). Ransomware attacks are also on the rise, with a global increase of 126% compared to Q1 2024 and a total of 2,289 reported incidents. However, most ransomware attacks once again took place in North America, where 62% of all reported cases occurred, followed by Europe with 21%.

Figure 1: Table with selected figures (Kafka Kommunikation GmbH & Co. KG).

Heavily affected education sector

In terms of industries, the education sector was the most affected in the first quarter of 2025 with an average of 4,484 attacks per organization per week - an increase of 73% compared to the previous year. The government sector followed closely behind with 2,678 attacks per organization per week, an increase of 51%, while the telecommunications sector recorded the highest percentage increase with a rise of 94% to 2,664 attacks per organization per week.

Figure 2: Attacks by sector (Check Point Software Technologies Ltd.).

In the first quarter of 2025, the global average number of cyber attacks per company per week was 1,925, an increase of 47% compared to the same quarter of the previous year.

Figure 3: Global average of weekly cyber attacks (Check Point Software Technologies Ltd.).

The data in the report comes from the ThreatCloud AIthe Big Data Intelligence Engine from Check Point. This is where big data telemetry and Indicators of Compromise (IoC) converge millions of times a day. The network is fed by 150,000 connected networks and millions of end devices. Check Point's security researchers also add data from their own research and from external expert sources. The ThreatCloud AI also updates the threat data of all connected Check Point products in real time on this basis. Over 50 AI engines generate weekly reports from the attacks intercepted by Check Point products and from corporate networks that Check Point protects, broken down by sector and country.

Best practice recommendations against cyber attacks

The increasing frequency and sophistication of cyber attacks underscores the need for comprehensive security strategies that must go beyond traditional defenses. The following recommendations are based on Check Point best practices:

• Advanced threat detection: Use technologies such as sandboxing and anti-ransomware tools to detect and block tricky attacks.
• Implementation of a zero-trust architecture: Enforce strict identity verification for every person and device that wants to access network resources.
• Regular data backups and incident response planning: Regularly back up critical data and create comprehensive incident response plans to manage attacks and minimize their impact immediately.
• Strengthening of safety precautions: Update your systems regularly to eliminate vulnerabilities. It's important to have multiple layers of security, including firewalls and endpoint protection.
• Training and sensitization of employees: Regular training can inform employees about the risks and phishing techniques and thus promote a culture of vigilance.
• Network segmentation: Isolate critical systems to contain the spread of attacks and protect sensitive data.
• Vulnerability management: Conduct regular vulnerability assessments and penetration tests and prioritize remediation of potential impacts.