Check Point Software Technologies released its African Perspectives on Cybersecurity Report 2025, revealing a sharp rise in attacks across the continent and a major shift in attacker tactics driven by artificial intelligence. African organisations now face an average of 3153 attacks per week. Among the key countries analysed – Nigeria, South Africa, Kenya, and Morocco – Nigeria recorded the highest number of weekly attacks at 4200, while Ethiopia ranked as the most attacked nation overall.
Threat actors are increasingly using AI to automate phishing, impersonation, and cloud exploitation. They also target exposed identities and misconfigured systems to gain access. Across finance, energy, telecoms, and government, Check Point Research observed a surge in identity-led intrusions, AI-generated phishing, and multi-vector ransomware.
"AI has become part of the attack surface," said Lorna Hardie, regional director for Africa at Check Point Software Technologies. "Attackers are using it to automate phishing and identity theft at scale. The only effective response is prevention-first security that combines visibility, governance, and AI protection."
Continental findings
• Nigeria: The country’s high volume of weekly attacks on the continent, attributed to business email compromise and cloud exploitation.
• South Africa: A sharp rise in ransomware, smishing, and botnet infections such as Vo1d and XorDDoS.
• Kenya: Critical infrastructure attacks, including ransomware targeting the national energy grid.
• Morocco: Coordinated government and education sector disruptions via DDoS and defacement campaigns.
Across all markets, AI-generated phishing, credential theft, and misconfigured cloud environments were the leading causes of compromise.
The new threat landscape
The report identifies five key shifts shaping Africa’s cyber risk in 2025. Attacks are escalating in sophistication. Nigeria now records more than 4200 attacks per organisation per week, for example. The continental average is 3153 attacks per week, 60% higher than the global baseline of 1963 attacks per organisation per week.
Traditional ransomware has evolved into data-leak extortion, where criminals threaten exposure rather than encryption. AI-powered deception is now pervasive, creating realistic fake voices, videos, and messages that bypass conventional defences. Identity has become the new perimeter as attackers exploit credentials and misconfigured access, while compliance itself has emerged as a business risk.
Under new regulations such as the EU’s NIS2 Directive, weak cybersecurity can now block access to international markets, making digital resilience an economic necessity.
Africa’s next phase: prevention-first security
The African Perspectives on Cybersecurity Report 2025 urges a collective rethink of resilience as digital transformation accelerates across the continent. The findings show that technology innovation, from AI to cloud and identity systems, is outpacing the security frameworks designed to protect them. Addressing this imbalance requires a coordinated shift from reactive to preventive approaches, ensuring that African economies can grow safely in the age of intelligent automation.
The report highlights the importance of continuous risk assessment, regulatory readiness, and public-private collaboration in building long-term digital trust. For business and government leaders, prevention is no longer a technical priority but a strategic one that underpins economic stability and market confidence.
"The real challenge is not adopting new technology, but securing the trust that underpins it. As AI reshapes how organisations operate, cybersecurity must shift from reactive to predictive. The future of resilience in Africa depends on prevention-first strategies that anticipate threats before they emerge," Hardie concludes.
Africa’s digital future will be defined not only by how fast it connects, but by how well it protects. Find the report at www.securitysa.com/ex/AfricanSecurityReport_2025.pdf
© Technews Publishing (Pty) Ltd. | All Rights Reserved.
printer friendly version