Cyber attacks accelerated again in April 2026 after a brief moderation in March, with global organizations facing an average of 2,201 weekly attacks, a 10 percent month-on-month rise and an 8 percent increase year on year, according to Check Point Research data cited in the report.
India Faces Higher Cyber Exposure
The data showed that India remained under heavier pressure than the global average, with organizations facing more than 3,300 cyber attacks per week over the last six months. This was significantly higher than the global average of 2,064 weekly attacks per organization.
Registration Begins for FutureCrime Summit 2026, India’s Largest Cybercrime Conference
The report said the rise reflected the volatility of the current threat landscape, where attackers continue to use automation, expanded digital footprints, exposed cloud systems and GenAI environments to maintain pressure across industries and regions. It also noted that short-term declines in cyber activity did not point to any structural reduction in operational risk.
Education, Government and Telecom Among Key Targets
The education sector remained the most targeted industry globally in April, with organizations facing an average of 4,946 weekly attacks, marking an 8 percent year-on-year increase. The government sector ranked second with 2,797 weekly attacks, reflecting a marginal 1 percent decline from a year earlier, while telecommunications followed with 2,728 weekly attacks and a 3 percent year-on-year increase.
In India, the concentration was even sharper across critical industries. Education recorded over 7,181 weekly attacks per organization in the last month, followed by government at 4,634, construction and engineering at 3,858, consumer goods and services at 3,567, and business services at 3,485. Telecommunications, energy and utilities, information technology and financial services also remained heavily targeted.
Regional data showed broad-based growth in cyber activity, with every region recording month-on-month increases. Latin America remained the most targeted region globally, averaging 3,364 weekly attacks per organization and a 20 percent year-on-year increase. APAC followed with 3,213 weekly attacks and a 4 percent increase, while Africa recorded 2,940 weekly attacks despite a 9 percent year-on-year decline.
Ransomware and GenAI Risks Remain Elevated
The report also highlighted persistent risks linked to enterprise GenAI usage. In April 2026, one in every 28 GenAI prompts posed a high risk of sensitive data leakage, while 90 percent of organizations using GenAI tools regularly were affected by this risk. An additional 19 percent of prompts contained potentially sensitive information, and organizations used an average of 10 different GenAI tools.
Ransomware activity also expanded during the month, with 707 attacks reported globally in April 2026. This represented a 5 percent increase month on month and a 12 percent rise year on year. North America accounted for 46 percent of reported incidents, followed by Europe at 27 percent and APAC at 17 percent.
India continued to face higher ransomware exposure than the global average. Over the last six months, ransomware affected an average of 7.0 percent of organizations in India, compared with the global average of 3.6 percent. The broader malware environment also remained elevated, with botnet activity affecting 17.3 percent of organizations, infostealer malware affecting 7.5 percent and banking malware affecting 4.3 percent on average.
Business services accounted for the largest share of ransomware victims at 33.8 percent, followed by consumer goods and services at 14.4 percent and industrial manufacturing at 9.9 percent. At the country level, the United States remained the most impacted nation, accounting for 41.6 percent of reported ransomware attacks, followed by Germany, Canada, Italy and the United Kingdom.
