Joy Agwunobi
Nigeria has become the most targeted country for cyber-attacks among Africa’s major economies, with organisations in the country now facing an average of 4,200 attempted intrusions every week, according to a new report by Check Point Software Technologies.
The findings, published in the African Perspectives on Cyber Security Report 2025, highlights the deepening cyber risk landscape, amplified by AI-powered attacks and evolving threat actor strategies.
The report analysed threat patterns across Nigeria, South Africa, Kenya, Morocco, and Ethiopia. While Ethiopia ranked as the most attacked nation overall due to concentrated attacks on government networks, Nigeria recorded the highest weekly attack volume per organisation, far above the continental average of 3,153, itself 60 percent higher than the global baseline of 1,963 attacks per organisation per week.
The bulk of attacks against Nigerian institutions stem from Business Email Compromise (BEC) schemes and cloud exploitation trends that take advantage of misconfigured systems, exposed identities, and increasingly automated phishing operations.
Lorna Hardie, regional director for Africa at Check Point Software Technologies, warned that artificial intelligence has become deeply embedded in the threat landscape. “AI has become part of the attack surface. Attackers are using it to automate phishing and identity theft at scale. The only effective response is prevention-first security that combines visibility, governance, and AI protection,” she said.
Across all the countries studied, Check Point Research reported a marked rise in AI-generated phishing emails, deepfake impersonations, and automated cloud attacks. Identity-based intrusions including credential theft and abuse of misconfigured access privileges have become one of the most exploited weaknesses across finance, energy, telecoms, and public-sector infrastructure.
Traditional ransomware, the report notes, is steadily being replaced by data-leak extortion, where attackers no longer rely solely on encryption but instead threaten to publish or sell stolen information.
The report also outlined distinct country-by-country patterns across the continent. In Nigeria, organisations contended with the highest volume of weekly attacks, largely driven by BEC schemes and cloud exploitation. South Africa experienced a growing wave of ransomware incidents, phishing attempts, and widespread botnet infections linked to strains such as Vo1d and XorDDoS.
Kenya faced mounting pressure on its critical infrastructure, with ransomware actors increasingly targeting the national energy grid. Morocco, meanwhile, dealt with disruptions across government and education networks, following coordinated DDoS campaigns and deliberate website defacements.
Across all markets, AI-powered phishing, misconfigured cloud environments, and exposed credentials remained the leading causes of compromise.
One of the report’s emerging themes is that cyber risk is no longer limited to technical vulnerabilities; regulatory compliance is now influencing market access. New global frameworks including Europe’s NIS2 Directive require stronger digital controls, and organisations that fall short could lose access to international value chains.
Check Point warns that Africa’s accelerated digital adoption is outpacing security investments, widening exposure across cloud, identity management, and AI-driven business systems. “Technology innovation is moving faster than the security frameworks meant to protect it,” the report states, urging African organisations to shift from reactive controls to prevention-based strategies.
The report concludes that strengthening resilience will require more than new tools, it will demand continuous risk assessment, improved regulatory preparedness, and deeper collaboration between governments and private-sector operators.
Hardie said the continent must prioritise proactive security thinking as digital systems become more integrated with national economies. “The real challenge is not adopting new technology but securing the trust that underpins it. As AI reshapes how organisations operate, cybersecurity must move from reaction to prediction. The future of resilience in Africa depends on prevention-first strategies that anticipate threats before they emerge,” she added.
