Nigerian organisations are facing the highest volume of weekly cyberattacks in Africa, according to the newly released African Perspectives on Cyber Security Report 2025 by Check Point Software Technologies Ltd., a global leader in cybersecurity solutions.
The report reveals that Nigerian firms experience an average of 4,200 attacks per week, significantly higher than the continental average of 3,153 and 60 per cent above the global average of 1,963 attacks per organisation. The findings highlight a sharp rise in attacks across Africa, driven largely by artificial intelligence-enabled threats.
Country Manager for West Africa at Check Point, Kingsley Oseghale, said attackers are increasingly using AI to automate phishing, impersonation, and cloud exploitation.
“AI has become part of the attack surface,” Oseghale said. “Attackers are using it to automate phishing and identity theft at scale. The only effective response is prevention-first security that combines visibility, governance, and AI protection.”
The report notes that cybercriminals are exploiting exposed identities and misconfigured systems to target critical sectors, including finance, energy, telecoms, and government. Identity-led intrusions, AI-generated phishing campaigns, and multi-vector ransomware are on the rise.
Across the continent, Check Point identified key trends in different markets. Nigeria is experiencing business email compromise and cloud exploitation; South Africa faces rising ransomware, smishing, and botnet infections such as Vo1d and XorDDoS; Kenya has seen ransomware targeting critical energy infrastructure; and Morocco has experienced coordinated government and education-sector disruptions via DDoS and website defacement attacks.
The report highlights five major shifts shaping Africa’s cyber risk in 2025. Traditional ransomware has evolved into data-leak extortion, AI-generated deception is widespread, and identity has emerged as the new security perimeter. Weak cybersecurity, the report warns, can now affect international market access under regulations such as the EU’s NIS2 Directive, making digital resilience an economic necessity.
The study urges African businesses and governments to adopt prevention-first security strategies, including continuous risk assessment, regulatory readiness, and public-private collaboration.
Oseghale emphasised that, as AI reshapes operations, cybersecurity must shift from reaction to prediction. “The real challenge is not adopting new technology but securing the trust that underpins it,” he said.
Leave a comment