Nigerian organizations are seeing the highest frequency of weekly cyberattacks in Africa, as indicated by the recently published African Perspectives on Cyber Security Report 2025 by Check Point Software Technologies Ltd., a global pioneer in cybersecurity solutions.
The data indicates that Nigerian companies endure an average of 4,200 attacks weekly, markedly above the continental average of 3,153 and surpassing the global average of 1,963 attacks per organization by 60 percent.
The results indicate a significant increase in assaults throughout Africa, primarily propelled by threats facilitated by artificial intelligence.
Kingsley Oseghale, Country Manager for West Africa at Check Point, stated that assailants are progressively employing AI to automate phishing, impersonation, and cloud exploitation.
“Artificial intelligence has integrated into the attack surface,” Oseghale stated. “Malefactors are employing it to automate phishing and identity theft on a large scale.” The sole effective solution is a prevention-first security approach that integrates visibility, governance, and artificial intelligence protection.
The report indicates that hackers are leveraging compromised identities and improperly configured systems to assault vital industries, such as finance, energy, telecommunications, and government. Identity-driven attacks, AI-facilitated phishing schemes, and multi-faceted ransomware are increasing.
Check Point detected significant trends across many markets on the continent. Nigeria is encountering business email compromise and cloud exploitation; South Africa is witnessing an increase in ransomware, smishing, and botnet infections like Vo1d and XorDDoS; Kenya has observed ransomware attacks on critical energy infrastructure; and Morocco has faced coordinated disruptions in government and the education sector through DDoS and website defacement attacks.
The paper emphasizes five significant transformations influencing Africa’s cyber risk in 2025. Traditional ransomware has transformed into data-leak extortion, AI-generated deceit is prevalent, and identity has become the new security perimeter. The paper cautions that inadequate cybersecurity may now impact worldwide market access due to rules like the EU’s NIS2 Directive, rendering digital resilience an economic need.
The report advocates for African enterprises and governments to implement prevention-oriented security policies, encompassing ongoing risk evaluation, regulatory preparedness, and public-private partnerships.
Oseghale underscored that, as AI transforms processes, cybersecurity must transition from reactive measures to predictive strategies. “The true challenge lies not in the adoption of new technology, but in establishing the trust that supports it,” he stated.
About the Author
