Check Point Research: SA firms hit by over 2 100 cyber attacks per week in January

January 2026 Cyber Attack Surge Highlights Growing Threats from GenAI and Ransomware

In January 2026, cyber attacks surged globally, with organizations facing an average of 2,090 weekly attacks a 3% increase from December 2025 and a 17% rise year-on-year (YOY). South African entities experienced 2,145 attacks per week, a 36% YOY increase, according to Check Point Research’s latest threat intelligence report.

Africa saw 2,864 weekly attacks per organization, though this marked a 6% YOY decline. Nigeria recorded the highest attack volume on the continent (4,701 per week, +12% YOY), followed by Angola (4,512, -7% YOY) and Kenya (2,172, -41% YOY). The most targeted sectors included government, financial services, and consumer goods.

The rise in attacks is attributed to expanding ransomware activity and generative AI (GenAI) adoption, which has introduced new data exposure risks. Check Point found that one in 30 GenAI prompts from corporate networks contained sensitive data such as internal documents, personal identifiers, or proprietary code affecting 93% of organizations using GenAI tools. Many firms used an average of 10 unmanaged GenAI tools monthly, increasing vulnerabilities to ransomware and AI-driven attacks.

Globally, the education sector remained the most targeted (4,364 weekly attacks, +12% YOY), followed by government entities (2,759, +8% YOY) and telecommunications (2,647, +8% YOY). Latin America saw the highest attack volumes (3,110 per week, +33% YOY), while North America (19% YOY increase) and Europe (18% YOY increase) also faced significant rises.

Ransomware incidents reached 678 publicly reported cases in January, a 10% YOY increase, with North America (52%) and Europe (24%) as primary targets. The U.S. accounted for 48% of global victims, followed by the UK (5%) and Canada (4%). The most affected industries were business services (33%), consumer goods (15%), and industrial manufacturing (11%). Leading ransomware groups included Qilin (15%), LockBit (12%), and Akira (9%).

Source: https://www.itweb.co.za/article/sa-firms-hit-by-over-2-100-cyber-attacks-per-week-in-january/KzQenMjy9rB7Zd2r

Checkpoint Research Inc. cybersecurity rating report: https://www.rankiteo.com/company/checkpoint-research-inc

"id": "CHE1770890797",
"linkid": "checkpoint-research-inc",
"type": "Cyber Attack",
"date": "1/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"

{'affected_entities': [{'industry': ['government',
                                     'financial services',
                                     'consumer goods',
                                     'education',
                                     'telecommunications',
                                     'business services',
                                     'industrial manufacturing'],
                        'location': ['global',
                                     'South Africa',
                                     'Nigeria',
                                     'Angola',
                                     'Kenya',
                                     'U.S.',
                                     'UK',
                                     'Canada',
                                     'Latin America',
                                     'North America',
                                     'Europe'],
                        'type': 'organization'}],
 'attack_vector': ['GenAI tools', 'unmanaged applications'],
 'data_breach': {'data_exfiltration': 'yes',
                 'personally_identifiable_information': 'yes',
                 'sensitivity_of_data': 'high',
                 'type_of_data_compromised': ['internal documents',
                                              'personal identifiers',
                                              'proprietary code']},
 'date_detected': '2026-01',
 'date_publicly_disclosed': '2026-01',
 'description': 'In January 2026, cyber attacks surged globally, with '
                'organizations facing an average of 2,090 weekly attacks, a 3% '
                'increase from December 2025 and a 17% rise year-on-year '
                '(YOY). South African entities experienced 2,145 attacks per '
                'week, a 36% YOY increase. The rise in attacks is attributed '
                'to expanding ransomware activity and generative AI (GenAI) '
                'adoption, which introduced new data exposure risks. Check '
                'Point found that one in 30 GenAI prompts from corporate '
                'networks contained sensitive data, affecting 93% of '
                'organizations using GenAI tools. Ransomware incidents reached '
                '678 publicly reported cases in January, a 10% YOY increase.',
 'impact': {'data_compromised': 'sensitive data (internal documents, personal '
                                'identifiers, proprietary code)',
            'identity_theft_risk': 'high'},
 'motivation': ['financial gain', 'data exfiltration'],
 'post_incident_analysis': {'root_causes': ['expanding ransomware activity',
                                            'GenAI adoption risks',
                                            'unmanaged GenAI tools']},
 'ransomware': {'data_encryption': 'yes',
                'data_exfiltration': 'yes',
                'ransomware_strain': ['Qilin', 'LockBit', 'Akira']},
 'references': [{'date_accessed': '2026-01',
                 'source': 'Check Point Research’s latest threat intelligence '
                           'report'}],
 'threat_actor': ['Qilin', 'LockBit', 'Akira'],
 'title': 'January 2026 Cyber Attack Surge Highlights Growing Threats from '
          'GenAI and Ransomware',
 'type': ['ransomware', 'data_exposure', 'AI-driven_attack'],
 'vulnerability_exploited': ['unsecured GenAI prompts',
                             'lack of managed GenAI tools']}