Global Cyber Threats August 2025: Agriculture in the Crosshairs

In August 2025, the global cyber threat landscape presented a complex interplay of stability and alarming new challenges. Organizations around the world confronted an average of nearly 2,000 cyber attacks each week—a slight 1% decrease from July but a stark 10% rise compared to the same month last year. Particularly concerning is the agricultural sector, which has seen a staggering 101% increase in cyber incidents since August 2024. Although the overall volume of attacks has somewhat stabilized, the evolving distribution of threats across industries, regions, and types of attacks suggests a troubling trend that demands our attention. As businesses navigate this new reality, understanding the nuances of the current cyber threat landscape is more critical than ever.

Industries Under Fire

• Education remained the most targeted sector, averaging 4,178 attacks per organization per week, up 13% year-over-year.
• Telecommunications followed at 2,992 attacks per week, a sharp 28% increase.
• Government institutions continued to feel the pressure with 2,634 weekly attacks, a 3% YoY rise.
• Agriculture has seen the most significant increase, with a remarkable 101% year-over-year growth. Modern farming relies heavily on technology, including automated irrigation systems, IoT sensors, drones, and supply chain management platforms. This reliance creates a wide attack surface for threat actors. Furthermore, many agricultural organizations invest less in cyber security compared to other sectors, leaving critical systems vulnerable to attacks. As a result, threat actors view agriculture as both a lucrative and strategic target. Disrupting food production can lead to immediate financial losses, threaten food security, and even be used as a geopolitical weapon.

These shifts highlight how both critical infrastructure and public-facing services remain key targets for threat actors.

Regional Spotlight

Regional trends show diverging threat intensities:

• Africa faced the highest average weekly attacks per organization at 3,239, despite a slight YoY decline of 3%.
• APAC recorded 2,877 weekly attacks (+2% YoY).
• Latin America closely trailed with 2,865 (+6% YoY).
• Europe saw a notable 13% increase, reaching 1,685 weekly attacks.
• North America stood out with the highest rise, a 20% YoY increase, reaching 1,480 attacks per organization.

This reinforces the widening regional disparities and the fast escalation in developed economies.

Ransomware Escalation

Ransomware remains an extremely disruptive threat vector. In August, 531 ransomware attacks were publicly reported, a 14% YoY increase.

• North America was targeted the most, accounting for 57% of reported incidents.
• Europe followed with 24%.
• The United States alone made up 54% of all cases.
• The United Kingdom (7%) and Germany (6%) were also among the top targets.

By industry:

• Industrial manufacturing led with 13.6% of victims.
• Business services accounted for 11.9%.
• Construction & engineering came in with 10.4%.

Other sectors, including healthcare, consumer goods, and financial services, were also significantly impacted.

Ransomware Groups to Watch

The August data from ransomware “shame sites” highlights shifting dynamics among leading groups:

• Qilin dominated with 16% of published attacks. Formerly known as Agenda, Qilin has expanded aggressively since March 2025, leveraging a Rust-based encryptor and enhanced RaaS infrastructure.
• Akira followed at 8%, with a strong focus on business services and industrial manufacturing. Its evolving Rust-based encryptor targets ESXi systems with advanced runtime controls.
• Inc. Ransom held 6%, diverging from typical trends with a focus on healthcare and education, signalling a sustained risk to essential services.

The insights come from our ThreatCloud AI platform, which analyzes millions of indicators of compromise (IoCs) daily. Powered by over 50 AI-driven engines and fed by intelligence from more than 150,000 networks and millions of endpoints, ThreatCloud AI delivers one of the most comprehensive, real-time views of the global threat landscape available today.

Check Point Perspective

While overall attack volumes appear to be stabilizing, the data clearly shows that attackers are intensifying their efforts, refining techniques, and exploiting weaknesses across industries and regions. The surge in ransomware activity, combined with the continued targeting of education, manufacturing, and critical services, underscores the urgency for organizations to strengthen defenses.

At Check Point, our research continues to highlight how the complexity and speed of today’s threats demand a multi-layered response. Traditional detection is no longer enough. Organizations need real-time, proactive security that can stop attacks before damage is done.

As we look ahead, the takeaway for every organization is clear: adopt a prevention-first mindset, leverage advanced threat intelligence, and ensure defenses span the entire your environment — from network to cloud to endpoint. Only by staying ahead of the adversaries can we reduce risk and build long-term resilience.