Skip to main content
Security Insights

Cyber Security Statistics by Continent

Sourced breach, ransomware, and attack-volume statistics for Africa, Asia-Pacific, Europe, North America, Latin America, and Oceania — pulled from INTERPOL, ENISA, IBM, Check Point, and ASD/ACSC threat reports.

Data snapshot: July 2026. Threat statistics age quickly — see Sources & live feeds below for continuous updates.

$4.44M
Global average cost of a data breach

Global · IBM, 2025

241 days
Average time to identify and contain a breach

Global · IBM, 2025

30%+
Of all recorded crime that is now cyber-related in many African & Asia-Pacific nations

INTERPOL, 2025

82
Distinct ransomware variants deployed against EU organizations in 12 months

EU · ENISA, 2025

Regional Threat Landscape

Figures are sourced independently per region and are not directly comparable across different reporting methodologies — see the citation under each card.

Africa

2,960

average weekly cyberattacks per organization — among the highest of any region

  • Africa loses an estimated 10% of GDP to cyberattacksUN Economic Commission for Africa
  • Cyber-related crime is a medium-to-high share of all crime in 2 of 3 countries surveyed, rising to 30% in Western & Eastern AfricaINTERPOL, 2025
  • Ransomware detections led by South Africa (17,849) and Egypt (12,281), followed by Nigeria (3,459) and Kenya (3,030)INTERPOL, 2025
  • 90% of African countries report needing significant improvement in cybercrime law enforcement or prosecution capacityINTERPOL, 2025

INTERPOL Africa Cyberthreat Assessment Report 2025 (4th Edition, May 2025)

Asia-Pacific

3.4M

unfilled cybersecurity roles projected for 2026 — the largest workforce gap of any region

  • More than half of surveyed countries report cybercrime now accounts for 30% of all recorded national crimeINTERPOL, 2025/2026
  • Phishing is the most widespread and damaging cybercrime type — 33% of countries report over 10,000 casesINTERPOL, 2025/2026
  • 763+ victims named on ransomware and data-extortion leak sites; India, Australia, Japan, Taiwan and Singapore most affectedJan 2024 – Apr 2025
  • Regional cybersecurity market projected to grow from $83.9B (2026) to $158.4B by 2031Market Intelligence, 2026

INTERPOL Asia & South Pacific Cyberthreat Assessment Report 2025/2026; WEF Global Cybersecurity Outlook 2026

Europe

77%

of all analyzed EU incidents were DDoS attacks, mostly hacktivist-driven

  • 4,875 cybersecurity incidents analyzed across the EU (Jul 2024 – Jun 2025)ENISA, Oct 2025
  • Phishing was the primary initial-intrusion method in 60% of observed casesENISA, 2025
  • Public administration was the most targeted sector at 38% of incidentsENISA, 2025
  • 82 distinct ransomware variants deployed; Akira (11.6%), SafePay (10.1%) and Qilin (7.5%) most activeENISA, 2025

ENISA Threat Landscape 2025 (October 2025)

North America

$10.22M

average US data breach cost — 2.3× the global average, highest in the world for 15 consecutive years

  • Healthcare remains the costliest industry globally at $7.42M per breach, its 15th year at #1IBM, 2025
  • Average breach lifecycle fell to 241 days (181 to detect, 60 to contain) — the shortest in 9 yearsIBM, 2025
  • Organizations using AI security tools extensively saved $1.9M per breach and detected incidents 80 days fasterIBM, 2025
  • Attackers used AI in 16% of breaches; 97% of AI-related breaches hit organizations lacking proper access controlsIBM, 2025

IBM Cost of a Data Breach Report 2025

Latin America

more cyberattacks faced than the US — now the world's most cyber-targeted region, overtaking Africa

  • Organizations faced an average of ~3,065 attacks per week, up 26% year-over-yearCheck Point Research, 2025
  • Active ransomware variants in the region rose from 48 to 79 in a single yearCheck Point Research, 2025
  • 8.13% of organizations experienced a ransomware attack — the highest rate of any region globallyCheck Point Research, 2025
  • Brazil accounts for ~30% of identified ransomware victims regionally, followed by Mexico (~14%) and Argentina (~13%)Check Point Research, 2025

Check Point Research — Latin America 2025 Cyber Threat Report

Oceania

84,700+

cybercrime reports received in Australia — one every 6 minutes

  • ASD's ACSC responded to over 1,200 cyber security incidents, up 11% year-over-yearASD/ACSC, Oct 2025
  • Average cost per cybercrime report for businesses rose 50% to AUD $80,850; large businesses saw losses rise 219%ASD/ACSC, 2025
  • Critical infrastructure entities were notified of malicious activity 190+ times, up 111% year-over-yearASD/ACSC, 2025
  • Denial-of-service attacks on critical infrastructure surged 280%ASD/ACSC, 2025

Australian Signals Directorate / ACSC Annual Cyber Threat Report 2024–25 (October 2025)

Live Threat Intelligence Feeds

The statistics above are a point-in-time snapshot. For continuously updating vulnerability and indicator-of-compromise data, integrate these feeds directly into a SIEM, SOAR, or vulnerability management pipeline.

Live Vulnerability & Threat Data

Pulled directly from the feeds above — actively exploited CVEs synced nightly with AI breakdowns, live CISA advisories, and IOC/pulse data from our connected feeds.

Actively Exploited Vulnerabilities

CVE-2026-35273 Ransomware

Oracle PeopleSoft Enterprise PeopleTools

This critical vulnerability, CVE-2026-35273, affects Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. It's a flaw where important system functions lack proper security checks. An attacker can exploit this over the internet without needing a username or password, leading to a complete takeover of your PeopleSoft system.

CVE-2026-50751 Ransomware

Check Point Security Gateway

This vulnerability affects Check Point Security Gateway products, allowing an attacker to connect to your network through the VPN without knowing the correct password. It exploits a weakness in an older, less secure part of the system called IKEv1. This means an unauthorized person can gain remote access to your network.

CVE-2026-45321 Ransomware

TanStack TanStack

CVE-2026-45321 is an unspecified vulnerability in TanStack that allowed attackers to publish malicious versions of its packages to the npm registry. These malicious versions, disguised as trusted updates, contained credential-stealing malware. The attackers achieved this by exploiting a series of GitHub Actions misconfigurations to gain unauthorized publishing capabilities.

CVE-2026-48027 Ransomware

Nx Nx Console

This vulnerability involves a malicious version of the Nx Console tool, specifically version 18.95.0, that was briefly distributed. If installed, this compromised version contained hidden code designed to steal sensitive credentials from various locations on a user's computer. The issue has since been addressed, and a clean version is available.

View full KEV database

abuse.ch ThreatFox — Recent IOCs

domainConfidence 100%

ggj2o3iw.zaribbala.bet

payload_delivery · ClearFake · 10 Jul 2026

domainConfidence 100%

er4goixf.zaribbala.bet

payload_delivery · ClearFake · 10 Jul 2026

domainConfidence 100%

ovya.logiccascade.top

payload_delivery · ClearFake · 10 Jul 2026

domainConfidence 100%

dhig.logiccascade.top

payload_delivery · ClearFake · 10 Jul 2026

ip:portConfidence 100%

176.53.159.46:8080

botnet_cc · DCRat · 10 Jul 2026

ip:portConfidence 100%

38.54.61.225:443

botnet_cc · Cobalt Strike · 10 Jul 2026

Sources & Methodology

Every statistic above is drawn from a named, publicly available threat report. Figures use each report's own reporting window and methodology, so cross-region comparisons should be read directionally, not as a normalized ranking.

  1. 1.INTERPOL Africa Cyberthreat Assessment Report 2025 (4th Edition)
  2. 2.INTERPOL Asia and South Pacific Cyberthreat Assessment Report 2025/2026
  3. 3.ENISA Threat Landscape 2025
  4. 4.IBM Cost of a Data Breach Report 2025
  5. 5.Check Point Research — Latin America 2025 Cyber Threat Report
  6. 6.Australian Signals Directorate — Annual Cyber Threat Report 2024–25
Know Where You Stand

Turn Threat Intelligence Into Action

Global statistics tell you the trend — a VAPT assessment tells you where your own organization is exposed. CRS delivers continuous, compliance-grade penetration testing across Africa and North America.