As Africa accelerates into a digitally connected future—with rising internet penetration, mobile banking, and online services—the continent faces a growing and complex cybersecurity challenge. Cyber threats are no longer a niche concern: they directly threaten economic growth, public trust, and critical infrastructure. Below, we examine the major cybersecurity risks in Africa, the scale of the problem, and how governments and organizations are responding.

Rising Attacks & Evolving Tactics

Cyberattacks in Africa have surged in both sophistication and volume. According to INTERPOL’s 2025 Africa Cyberthreat Assessment Report, cyber-related crimes now account for a significant portion of all crime in some regions:

• Two-thirds of African member countries said cybercrime made up a “medium-to-high” share of all crimes. Interpol

• In Western and Eastern Africa, cybercrime accounts for over 30% of reported crimes. Interpol

• The most common threats? Online scams (especially phishing), ransomware, business email compromise (BEC), and digital sextortion. Interpol

• INTERPOL also found that 90% of African countries say their law enforcement capacity for cyber‑crime prosecution needs “significant improvement.” Interpol

INTERPOL further reported a rise in ransomware detections in 2024, with South Africa (17,849) and Egypt (12,281) among the most affected. Interpol
Critical infrastructure has also been targeted: for example, Kenya’s Urban Roads Authority suffered a breach, and Nigeria’s National Bureau of Statistics (NBS) had its databases hacked. Interpol

Cost of Cyber Crime & Law Enforcement Gaps

• INTERPOL’s report highlights serious resource constraints: 75% of the surveyed countries said they lack adequate legal frameworks, training, and specialized investigative tools. Interpol

• Only around 30% of African nations have an incident reporting system. Even fewer (19%) have a dedicated cyberthreat intelligence database. Interpol

• On international cooperation, 86% of countries called for better cross-border collaboration to combat cybercrime. Interpol

Web‑ & Device-Based Threats

Data from Kaspersky’s 2025 Africa Cyberthreat Landscape Report paints a stark picture:

• There were 131,580,587 web‑based threat attempts in Africa in 2024. content.kaspersky-labs.com+1

• Web threats rose by 1.2% compared to 2023. kaspersky.africa-newsroom.com+1

• Local (on‑device) threats increased by 4%, with notable growth in Nigeria, Ethiopia, South Africa, Senegal, and Morocco. kaspersky.africa-newsroom.com

• Spyware attacks on African businesses increased by 14%, and password-stealer malware rose by 26%. kaspersky.co.za+1

• Additionally, Kaspersky reported 66 million phishing link clicks in 2024, with over 14.8 million coming from corporate users. kaspersky.co.za

Unique Challenges in the African Context

1. Low Cyber Awareness

   • Many individuals and businesses lack basic cybersecurity education, making them vulnerable to phishing and social engineering attacks. arXiv

   • In many countries, multi-factor authentication (MFA) or regular software updates are still not standard practice.

2. Regulatory & Legal Fragmentation

   • While efforts exist, not all African countries have cohesive cybersecurity laws. According to research, the African Union Convention on Cyber Security and Personal Data Protection (AUCDP) faces challenges around harmonization and enforcement. arXiv

   • Cross-border coordination remains weak, limiting cooperation on cybercrime investigations.

3. Infrastructure Vulnerabilities

   • Critical sectors (e.g., telecom, energy) are exposed. Research on IoT devices in Africa shows a high prevalence of open ports, making systems more vulnerable. arXiv

   • Many public institutions and private firms operate on outdated systems, which makes recovery from cyber incidents more difficult.

4. Under‑resourced Enforcement

   • Many countries lack a National Computer Incident Response Team (CIRT) or effective digital evidence repositories. Interpol

   • Training and equipping law enforcement is costly, and many nations are still catching up.

Real-World Cyber Incidents

• In 2024, INTERPOL reported a breach at Kenya’s Urban Roads Authority (KURA) and data theft from Nigeria’s National Bureau of Statistics. Interpol

• According to the Kaspersky report, the most-attacked countries during 2024 included Kenya (~20 million web threat attempts), South Africa (~17 million), and Morocco (~12.6 million). Kaspersky

• On-device threats also grew significantly in Nigeria and Ethiopia, according to Kaspersky telemetry. kaspersky.co.za

Government & Institutional Responses: Towards a More Secure Africa

1. Strategic Frameworks & Policy

   • The African Union Convention on Cyber Security and Personal Data Protection (AUCDP) is a major step to unify cyber policy across the continent. arXiv

   • Several governments are establishing or strengthening national CIRTs and incident-reporting mechanisms. Interpol

2. Capacity Building

   • There are growing partnerships between governments and education institutions to train cybersecurity professionals. Interpol

   • Some initiatives also focus on narrowing the gender gap in the cybersecurity workforce through targeted programs. Interpol

3. Public-Private Cooperation

   • In Kenya, for instance, mobile giant Safaricom (M-Pesa) is using AI-powered security to protect digital transactions. kaspersky.co.za

   • Threat intelligence sharing between governments and private firms is on the rise to better anticipate attacks. Interpol

4. Law Enforcement & Global Collaboration

   • INTERPOL’s first Operation Serengeti (2024) — part of its African Joint Operation against Cybercrime (AFJOC) — resulted in 1,006 arrests in 19 African countries. Interpol

   • The operation targeted ransomware, business email compromise, online scams, and more. Interpol

   • INTERPOL’s report recommends strengthening legal frameworks, boosting public awareness campaigns, and better regional coordination. Interpol

Recommendations: What Africa Needs to Do Next

To secure its digital future, Afrikastar beleive that africa should:

• Invest in Cyber Talent: Scale up training programs, certifications, and partnerships with universities to address the shortage of skilled professionals.

• Strengthen Legal Frameworks: Encourage more African nations to adopt and enforce robust cybersecurity laws, including data protection regulations.

• Boost Regional Collaboration: Share threat intelligence, harmonize legislation, and support cross-border cyber operations.

• Raise Public Awareness: Run continent-wide campaigns to educate citizens about phishing, password best practices, and how to report cyber incidents.

• Use Technology Strategically: Leverage AI/ML for threat detection, but also regulate new risks that come with advanced tech.

Conclusion

Africa’s digital transformation is creating powerful opportunities—but it also exposes the continent to serious cyber risks. From government databases to small businesses, no corner is immune. The good news: action is already underway. Through improved policy, education, and international collaboration, African countries are laying the foundation for a more secure digital future.

By understanding the threat landscape and working strategically, Africa can not only defend itself—but also lead in cybersecurity innovation.