Cyberattacks against Belgian organisations have increased by 17% in one year, with an average of 1,275 attacks per week in the second quarter of 2025, according to figures provided by specialist company Check Point Software Technologies.
The sectors most targeted are healthcare, financial services and consulting firms.
In healthcare, there was an average of 2,620 attacks per organisation per week in the second quarter of 2025. The weekly average was 1,802 for financial institutions and 1,765 for consulting firms.
Some 42% of cyberattacks originated in the USA
"The high pressure on the healthcare sector is due in particular to often underfunded security systems and a large amount of sensitive data on patients and staff," Check Point Software Technologies noted. "Financial institutions also remain prime targets due to the confidential nature of their data."
Cyberattacks against Belgian companies originate mainly from the United States (42%). One in ten is launched from Belgium.
The most widespread malware in Belgium is FakeUpdates, a downloader software. Approximately 63% of malicious files are transmitted by email, compared to 37% via the web. Remote code execution is the most common type of vulnerability (69%).
Attack patterns are becoming more sophisticated
At the European level, Luxembourg saw the sharpest increase (+59%, with 1,862 attacks/week), followed by the Netherlands (+50%, with 1,144 attacks/week).
"Attack patterns in Europe are becoming more sophisticated, more targeted and increasingly locally adapted," says Lieven Van Rentergem, Security Expert at Check Point Software. "We are seeing a clear transition from traditional ransomware to techniques based on information theft or the use of AI.
"In the second quarter, it was not massive leaks that dominated, but silent attacks that allowed access to networks, cloud services or credentials, often without companies noticing immediately."
Globally, organisations suffered an average of 1,984 cyberattacks per week, a 21% increase compared to the same period in 2024, and a 58% increase compared to two years ago.
Microsoft is the brand most faked by scammers
No sector is spared, but education is the one most affected with 4,388 attacks per organisation per week (+31% in one year). The public sector comes in second with 2,632 attacks per week (+26%), while telecommunications recorded the highest proportional increase: +38%, with 2,612 attacks per week.
This trend can be explained by these sectors' growing dependence on digital infrastructure and their public exposure, which makes them ideal targets for cybercriminals.
Finally, it should be noted that in the second quarter of 2025, phishing campaigns became more sophisticated, with cybercriminals posing as well-known brands via fake websites or emails.
Microsoft (25%) was the most impersonated brand, ahead of Google (11%), Apple (9%), Spotify (6%), Adobe (4%), LinkedIn (3%), Amazon (2%), Booking (2%), WhatsApp (2%) and Facebook (2%).
