Nigeria recorded 3,459 ransomware threat detections in 2024, placing it third on the continent behind Egypt and South Africa, according to INTERPOL’s newly released 2025 Africa Cyberthreat Assessment Report. The findings highlight the growing scale and sophistication of cybercrime in Africa as the continent’s digital footprint expands rapidly.
The report, based on data from INTERPOL’s private sector partners, reveals a notable spike in monthly ransomware activity across Africa last year, with highly digitized economies bearing the brunt of the attacks. Egypt topped the chart with 17,849 ransomware detections, followed by South Africa with 12,281. Kenya (3,030), Gambia (1,729), and Ghana (1,671) followed Nigeria in the top ten.
INTERPOL identified ransomware, online scams, business email compromise (BEC), and sextortion as Africa’s most dangerous cyber threats. The report highlighted how the scale and methods of attack differ across regions depending on levels of cybersecurity awareness, infrastructure, and digital literacy.
Cybercrime has become increasingly prevalent, now accounting for more than 30 per cent of all reported crimes in West and East Africa, according to Nairametrics. The economic impact has also been severe. Key sectors such as finance, telecommunications, government services, energy, and infrastructure have been affected by attacks that often result in business paralysis and large-scale financial losses.
One of the most prominent incidents cited in the report was the April 2024 breach at Nigerian fintech company Flutterwave, where hackers reportedly made away with about $7 million. The report noted that “in many cases, ransom demands ranged from tens of thousands to millions of dollars, typically demanded in cryptocurrency,” leading to substantial recovery costs, prolonged operational downtimes, and lost revenue.
Across the continent, organizations have struggled to recover from the fallout of such attacks. In Cameroon, electricity provider ENEO suffered disruptions to its power management systems, while in Kenya, the Urban Roads Authority (KURA) faced a significant data breach compromising infrastructure records.
The INTERPOL report emphasizes the urgent need for governments, businesses, and institutions in Africa to adopt proactive cybersecurity strategies to safeguard digital systems and critical infrastructure from increasingly complex threats.
Leave a comment