NIGERIAN ORGANISATIONS HIT BY HIGHEST WEEKLY CYBERATTACKS IN AFRICA — REPORT
Nigerian organisations are currently experiencing the highest number of weekly cyberattacks in Africa, according to the African Perspectives on Cyber Security Report 2025 released by Check Point Software Technologies Ltd., a global leader in cybersecurity solutions.
The report indicates that Nigerian firms face an average of 4,200 cyberattacks per week, well above the continental average of 3,153 and 60 percent higher than the global average of 1,963 attacks per organisation. The surge in attacks across Africa is largely driven by artificial intelligence-enabled threats.
Kingsley Oseghale, Country Manager for West Africa at Check Point, explained that attackers are increasingly leveraging AI to automate phishing, identity theft, and cloud exploitation campaigns.
“AI has become part of the attack surface,” Oseghale said. “Cybercriminals are using it to scale phishing and identity-based attacks. The most effective defence is a prevention-first approach that combines visibility, governance, and AI-based protection.”
The report notes that exposed identities and misconfigured systems are being exploited to target key sectors such as finance, energy, telecommunications, and government. Incidents including identity-led intrusions, AI-generated phishing, and multi-vector ransomware attacks are on the rise.
Across Africa, Check Point highlighted trends in different markets: Nigeria is grappling with business email compromise and cloud exploitation; South Africa is experiencing increasing ransomware, smishing, and botnet attacks such as Vo1d and XorDDoS; Kenya has seen ransomware targeting critical energy infrastructure; and Morocco has faced coordinated disruptions in the government and education sectors through DDoS and website defacement attacks.
The report identifies five major shifts driving Africa’s cyber risk landscape in 2025: traditional ransomware evolving into data-leak extortion, widespread AI-generated deception, and identity emerging as the new security perimeter. Weak cybersecurity, the study warns, could now affect access to international markets under regulations like the EU’s NIS2 Directive, making digital resilience an economic imperative.
The study calls on African businesses and governments to adopt prevention-first strategies, including continuous risk assessment, regulatory preparedness, and public-private collaboration.
Oseghale stressed that, as AI transforms business operations, cybersecurity must move from reactive to predictive approaches. “The real challenge is not just adopting new technology, but securing the trust that supports it,” he said.
