Severe cyberattacks are becoming less common, with new data from cybersecurity company Kaspersky showing a sharp drop in high-impact incidents over the past six years.
In its “Anatomy of a Cyber World: Global Report by Kaspersky Security Services,” Kaspersky said high-severity incidents fell to 3.8% in 2025, down from a peak of 14.3% in 2021. The company defines these incidents as attacks involving human activity that cause serious damage to IT systems.
The report also found that the total number of high-severity incidents detected by Kaspersky Managed Detection and Response (MDR) dropped by 19% compared to 2024. This suggests that threats are being detected earlier and stopped before they escalate.
“The decline in high-severity incidents highlights the critical importance of adopting a proactive cybersecurity strategy,” said Sergey Soldatov, head of Security Operations at Kaspersky.
Despite the overall decline, human-driven attacks remain the top cause of serious breaches. These accounted for about 23% of high-severity incidents in 2025 and were detected in nearly 21% of organizations. Attackers continue to find ways around automated defenses, the report said.
Security testing activities, such as red teaming, made up more than 23% of incidents. These are often flagged as threats but are actually controlled exercises requested by companies to test their defenses.
Social engineering attacks, where hackers trick users into giving access, ranked third. They accounted for more than 15% of serious incidents and affected nearly 18% of organizations.
Malware cases made up less than 12%, while traces of past advanced attacks accounted for over 7%. Vulnerability-related issues were reported in fewer than 5% of incidents.
“To further enhance security, organizations should adopt advanced tools like Extended Detection and Response (XDR) for better visibility and faster response,” Soldatov said.
You must be logged in to post a comment.