Cyber Security Statistics by Continent
Sourced breach, ransomware, and attack-volume statistics for Africa, Asia-Pacific, Europe, North America, Latin America, and Oceania — pulled from INTERPOL, ENISA, IBM, Check Point, and ASD/ACSC threat reports.
Data snapshot: July 2026. Threat statistics age quickly — see Sources & live feeds below for continuous updates.
- $4.44M
- Global average cost of a data breach
- 241 days
- Average time to identify and contain a breach
- 30%+
- Of all recorded crime that is now cyber-related in many African & Asia-Pacific nations
- 82
- Distinct ransomware variants deployed against EU organizations in 12 months
Global · IBM, 2025
Global · IBM, 2025
INTERPOL, 2025
EU · ENISA, 2025
Regional Threat Landscape
Figures are sourced independently per region and are not directly comparable across different reporting methodologies — see the citation under each card.
Africa
2,960
average weekly cyberattacks per organization — among the highest of any region
- Africa loses an estimated 10% of GDP to cyberattacksUN Economic Commission for Africa
- Cyber-related crime is a medium-to-high share of all crime in 2 of 3 countries surveyed, rising to 30% in Western & Eastern AfricaINTERPOL, 2025
- Ransomware detections led by South Africa (17,849) and Egypt (12,281), followed by Nigeria (3,459) and Kenya (3,030)INTERPOL, 2025
- 90% of African countries report needing significant improvement in cybercrime law enforcement or prosecution capacityINTERPOL, 2025
INTERPOL Africa Cyberthreat Assessment Report 2025 (4th Edition, May 2025)
Asia-Pacific
3.4M
unfilled cybersecurity roles projected for 2026 — the largest workforce gap of any region
- More than half of surveyed countries report cybercrime now accounts for 30% of all recorded national crimeINTERPOL, 2025/2026
- Phishing is the most widespread and damaging cybercrime type — 33% of countries report over 10,000 casesINTERPOL, 2025/2026
- 763+ victims named on ransomware and data-extortion leak sites; India, Australia, Japan, Taiwan and Singapore most affectedJan 2024 – Apr 2025
- Regional cybersecurity market projected to grow from $83.9B (2026) to $158.4B by 2031Market Intelligence, 2026
INTERPOL Asia & South Pacific Cyberthreat Assessment Report 2025/2026; WEF Global Cybersecurity Outlook 2026
Europe
77%
of all analyzed EU incidents were DDoS attacks, mostly hacktivist-driven
- 4,875 cybersecurity incidents analyzed across the EU (Jul 2024 – Jun 2025)ENISA, Oct 2025
- Phishing was the primary initial-intrusion method in 60% of observed casesENISA, 2025
- Public administration was the most targeted sector at 38% of incidentsENISA, 2025
- 82 distinct ransomware variants deployed; Akira (11.6%), SafePay (10.1%) and Qilin (7.5%) most activeENISA, 2025
ENISA Threat Landscape 2025 (October 2025)
North America
$10.22M
average US data breach cost — 2.3× the global average, highest in the world for 15 consecutive years
- Healthcare remains the costliest industry globally at $7.42M per breach, its 15th year at #1IBM, 2025
- Average breach lifecycle fell to 241 days (181 to detect, 60 to contain) — the shortest in 9 yearsIBM, 2025
- Organizations using AI security tools extensively saved $1.9M per breach and detected incidents 80 days fasterIBM, 2025
- Attackers used AI in 16% of breaches; 97% of AI-related breaches hit organizations lacking proper access controlsIBM, 2025
IBM Cost of a Data Breach Report 2025
Latin America
2×
more cyberattacks faced than the US — now the world's most cyber-targeted region, overtaking Africa
- Organizations faced an average of ~3,065 attacks per week, up 26% year-over-yearCheck Point Research, 2025
- Active ransomware variants in the region rose from 48 to 79 in a single yearCheck Point Research, 2025
- 8.13% of organizations experienced a ransomware attack — the highest rate of any region globallyCheck Point Research, 2025
- Brazil accounts for ~30% of identified ransomware victims regionally, followed by Mexico (~14%) and Argentina (~13%)Check Point Research, 2025
Check Point Research — Latin America 2025 Cyber Threat Report
Oceania
84,700+
cybercrime reports received in Australia — one every 6 minutes
- ASD's ACSC responded to over 1,200 cyber security incidents, up 11% year-over-yearASD/ACSC, Oct 2025
- Average cost per cybercrime report for businesses rose 50% to AUD $80,850; large businesses saw losses rise 219%ASD/ACSC, 2025
- Critical infrastructure entities were notified of malicious activity 190+ times, up 111% year-over-yearASD/ACSC, 2025
- Denial-of-service attacks on critical infrastructure surged 280%ASD/ACSC, 2025
Australian Signals Directorate / ACSC Annual Cyber Threat Report 2024–25 (October 2025)
Live Threat Intelligence Feeds
The statistics above are a point-in-time snapshot. For continuously updating vulnerability and indicator-of-compromise data, integrate these feeds directly into a SIEM, SOAR, or vulnerability management pipeline.
CISA Known Exploited Vulnerabilities (KEV) Catalog
Authoritative, continuously updated list of CVEs known to be actively exploited in the wild — the single best feed for prioritizing patching.
cisa.gov/.../known_exploited_vulnerabilities.jsonCISA Cybersecurity Advisories
Real-time advisories on active exploitation, ICS/OT vulnerabilities, and nation-state activity from the US Cybersecurity & Infrastructure Security Agency.
cisa.gov/cybersecurity-advisories/all.xmlNVD CVE API 2.0
NIST's National Vulnerability Database — full CVE detail with CVSS scores, CWE mapping, and affected product ranges for every disclosed vulnerability.
services.nvd.nist.gov/rest/json/cves/2.0abuse.ch ThreatFox & URLhaus
Community-sourced indicators of compromise — malicious URLs, malware hashes, and IOCs mapped to threat actors and campaigns, updated continuously.
threatfox.abuse.ch/export/ · urlhaus.abuse.ch/apiAlienVault OTX (Open Threat Exchange)
Crowdsourced threat intelligence pulses covering emerging campaigns, malware families, and IOCs contributed by a global researcher community.
otx.alienvault.com/api/v1/pulses/subscribedHave I Been Pwned
Breach and credential-exposure lookups — useful for monitoring whether partner or customer domains appear in newly disclosed breach datasets.
haveibeenpwned.com/API/v3Live Vulnerability & Threat Data
Pulled directly from the feeds above — actively exploited CVEs synced nightly with AI breakdowns, live CISA advisories, and IOC/pulse data from our connected feeds.
Actively Exploited Vulnerabilities
Oracle PeopleSoft Enterprise PeopleTools
This critical vulnerability, CVE-2026-35273, affects Oracle PeopleSoft Enterprise PeopleTools versions 8.61 and 8.62. It's a flaw where important system functions lack proper security checks. An attacker can exploit this over the internet without needing a username or password, leading to a complete takeover of your PeopleSoft system.
Check Point Security Gateway
This vulnerability affects Check Point Security Gateway products, allowing an attacker to connect to your network through the VPN without knowing the correct password. It exploits a weakness in an older, less secure part of the system called IKEv1. This means an unauthorized person can gain remote access to your network.
TanStack TanStack
CVE-2026-45321 is an unspecified vulnerability in TanStack that allowed attackers to publish malicious versions of its packages to the npm registry. These malicious versions, disguised as trusted updates, contained credential-stealing malware. The attackers achieved this by exploiting a series of GitHub Actions misconfigurations to gain unauthorized publishing capabilities.
Nx Nx Console
This vulnerability involves a malicious version of the Nx Console tool, specifically version 18.95.0, that was briefly distributed. If installed, this compromised version contained hidden code designed to steal sensitive credentials from various locations on a user's computer. The issue has since been addressed, and a clean version is available.
Latest CISA Cybersecurity Advisories
AlienVault OTX Pulses
SilabRAT, What's Your Power?
4 indicators · 10 Jun 2026
GigaWiper: Anatomy of a destructive backdoor assembled from multiple malware
20 indicators · 09 Jul 2026
One Target, Two Flags | Rival Espionage Actors Converge On Pakistani Law Enforcement
71 indicators · 09 Jul 2026
Compromised Injective SDK npm Package Exfiltrates Wallet Keys and Mnemonics
4 indicators · 10 Jul 2026
Fake Banking Rewards, Telegram Delivery and Albiriox: Anatomy of an Android Malware Campaign
10 indicators · 09 Jul 2026
abuse.ch ThreatFox — Recent IOCs
ggj2o3iw.zaribbala.bet
payload_delivery · ClearFake · 10 Jul 2026
er4goixf.zaribbala.bet
payload_delivery · ClearFake · 10 Jul 2026
ovya.logiccascade.top
payload_delivery · ClearFake · 10 Jul 2026
dhig.logiccascade.top
payload_delivery · ClearFake · 10 Jul 2026
176.53.159.46:8080
botnet_cc · DCRat · 10 Jul 2026
38.54.61.225:443
botnet_cc · Cobalt Strike · 10 Jul 2026
Sources & Methodology
Every statistic above is drawn from a named, publicly available threat report. Figures use each report's own reporting window and methodology, so cross-region comparisons should be read directionally, not as a normalized ranking.
- 1.INTERPOL Africa Cyberthreat Assessment Report 2025 (4th Edition)
- 2.INTERPOL Asia and South Pacific Cyberthreat Assessment Report 2025/2026
- 3.ENISA Threat Landscape 2025
- 4.IBM Cost of a Data Breach Report 2025
- 5.Check Point Research — Latin America 2025 Cyber Threat Report
- 6.Australian Signals Directorate — Annual Cyber Threat Report 2024–25
Turn Threat Intelligence Into Action
Global statistics tell you the trend — a VAPT assessment tells you where your own organization is exposed. CRS delivers continuous, compliance-grade penetration testing across Africa and North America.