Our world is increasingly dependent on digital infrastructure, evident in 2025’s unprecedented spike in cyberattacks including ransomware, phishing, DDoS attacks, espionage, and infrastructure hacks. As Artificial Intelligence (AI) tools become more sophisticated and geopolitical tensions escalate, certain countries are facing a surge in targeted digital threats.
Based on the latest data available, here are the Top 10 countries most affected by cyberattacks in 2025, along with the reasons behind their heightened risk.
United States
The United States is the most targeted country globally, accounting for 61% of all ransomware attacks, according to Fortinet’s Global Threat Landscape Report.
On average, U.S. organizations face over 1,300 attacks per week, up 56% year-over-year hitting a record high of 1,876 per organization as depicted in the chart below.
The sectors most affected are finance, healthcare, and government with major incidents targeting power grids and hospitals, and data breaches involving sensitive military and federal agency records.
This is happening because the U.S. is a high-value target due to its global influence, critical infrastructure, and advanced digital ecosystems. It is also the base for many Fortune 500 companies and defense contractors.
China
China has a multifaceted role in the global cyber domain, being both a common target and a major origin of cyber operations. The country hosts prominent state-affiliated hacking groups like APT10 and RedEcho and is thought to account for around 20 percent of worldwide cyberattacks. Simultaneously, Chinese infrastructure which includes government networks and telecommunications systems is frequently attacked by foreign cyber units, especially those from the United States and India. Through its tight regulation of information and sophisticated technological skills, China continues to be intricately involved in global cyber disputes, frequently functioning as both an attacker and a victim.
Russia
Russia ranks #1 in the World Cybercrime Index as a source of ransomware and espionage attacks. Russia is a global cyber superpower, both attacker and target. Russian companies and critical infrastructure have also become retaliatory targets, especially amid the ongoing Ukraine conflict. Western intelligence agencies regularly attempt to breach Russian networks as part of counterintelligence campaigns.
Why? Russia’s cyber capabilities are deeply tied to geopolitical aims. It uses digital operations to influence elections, steal defense secrets, and disrupt adversaries’ economies.
Ukraine
Ukraine is facing constant cyberattacks as part of its ongoing conflict with Russia.
It is one of the most targeted countries –ranks #2– in the world, with thousands of hacking attempts every single day.
In December 2023, a major attack shut down Kyivstar, the country’s biggest mobile network, leaving millions without service.
These attacks often involve viruses, system overloads, and attempts to cut off power or disrupt government services.
Ukraine has become a testing ground for cyberwar tactics, and what is happening there could shape how future digital wars are fought around the world.
Israel
Israel has become a major target for cyberattacks linked to ongoing political tensions in the region.
In 2024 alone, it was hit with more than 1,500 serious attacks, including stolen data, website defacements, and ransomware—many tied to pro-Palestinian and Iranian groups.
The number of attacks tripled after the October 2023 conflict in Gaza, putting even more pressure on Israel’s digital defenses.
Hackers have mainly focused on government systems, the military, news outlets, and healthcare services.
Israel’s strong role in the Middle East and its advanced technology make it a frequent target for groups with political or ideological motives.
South Korea
South Korea is one of the top targets in Asia for cyberattacks, especially those linked to spying and financial theft.
A 2024 report from BlackBerry ranked it second in the world for new types of malware.
Most of the attacks come from North Korea and are aimed at stealing cryptocurrency or disrupting important systems like banks, energy, and defense.
South Korea is often targeted because of its close ties to North Korea, its advanced technology, and its key role in the global economy, which makes it a valuable focus for hackers.
Japan
Japan, a major player in global technology and industry, is under heavy cyberattack.
- It has been hit by hundreds of well-planned hacking attempts, many of them linked to groups from China and North Korea.
- In 2024 alone, over 200 attacks were connected to a group called MirrorFace.
- These attacks mainly focus on important sectors like transportation, technology, and national defense.
Japan’s strong alliance with the U.S. and its central role in global tech and defense markets have made it a key target for cyber adversaries.
Canada
Canada is seeing more and more cyberattacks on both public services and private businesses.
- It now ranks among the top five countries hit by ransomware and malware.
- Since late 2024, hospitals and city systems across the country have been targeted and breached.
- Cybercrime has jumped by over 70% in just three years, and scams using AI-generated emails are becoming more common.
Why is this happening? Canada is often caught in the crossfire of attacks aimed at the U.S., and hackers also see it as an easier way to access North American networks.
Australia
Australia is being hit hard by cyberattacks, especially in healthcare and telecom.
- In 2025, it ranked 4th in the world for the number of cyberattacks, according to BlackBerry.
- Hackers have breached Australia’s national health database and several universities.
- In March, a major telecom company suffered a data breach that exposed millions of user records.
Why is Australia targeted? Its location in the Indo-Pacific and strong partnerships with countries like the U.S. and UK make it a frequent target for cyber threats.
India
A rapidly growing cyber target.
- India saw a 278% surge in state-sponsored cyberattacks between 2021–2024.
- Financial institutions, government portals, and tech companies are under constant threat.
- India is both a major consumer of digital services and a rising global tech hub.
Why? As India digitizes its economy, it becomes more exposed. Its strained ties with China and Pakistan also increase vulnerability
Global Trends: A Shift Toward AI-Powered Threats
Cyber threats in 2025 are not just growing, they are evolving.
They are faster than ever, with bots scanning for weaknesses at a rate of 36,000 times per second.
They are smarter, too. AI now creates phishing emails so convincing they can fool even experienced professionals by mimicking real company executives.
And they are harder to trace, as attackers use layers of fake identities and misinformation to cover their tracks.
According to Check Point Research, North America and Europe are facing the bulk of these attacks, making up nearly 90% combined. But the fastest-growing region for cyber threats is Africa, where attacks have jumped by an astonishing 90% in just one year, showing that no part of the world is being left untouched.
How Countries Are Responding
Nations around the world are not just sitting back, stepping up their defenses in many ways
- Locking down access: Many countries are now using “zero-trust” systems, where every part of a network is carefully protected, and no one gets automatic access, not even from inside.
- Teaming up: Alliances like NATO, the Quad, and ASEAN are sharing threat intelligence more than ever, working together to spot and stop cyber threats before they spread.
- Cracking down on ransom: Countries including the U.S., Australia, and France are pushing to make it illegal to pay ransoms to hackers, hoping to cut off the money that fuels many attacks.
Using AI to fight AI: Governments are starting to rely on predictive AI tools to detect suspicious activity early and shut down threats in real time before damage is done.
Conclusion: A Global Cyber Cold War
In 2025, cyber threats are not merely a tech issue, they reflect the same global tensions we see in politics and conflict.
The tools we use to protect ourselves like AI, quantum computing, and smart analytics are also being used by attackers. It is a digital arms race, and no country is completely safe.
That is why cybersecurity can not be treated as just another IT task. It needs to be seen as a core part of national defense just as important as borders or budgets.
As we head into the second half of the decade, the countries that will come out strongest are those that build resilience, share knowledge, and stay one step ahead through innovation. Those that do not risk being left exposed.
