Weak Security Culture and Human Risk Drive Cyber Threats Across Africa
The primary targets are key economic sectors, including finance, healthcare, energy, and government. Recent incidents, such as breaches at Kenya’s Urban Roads Authority and Nigeria’s National Bureau of Statistics, demonstrate the vulnerability of critical national infrastructure.
This report focuses on the African aspect of the August 18, 2025, cyber threat intelligence. While the global report highlights major attacks in North America, Europe, and Asia, a broader analysis reveals that Africa is an increasingly significant and vulnerable target in the global cybercrime landscape.
The continent is experiencing a notable surge in cybercrime, with INTERPOL reporting that in many African countries, cyber-related incidents now account for a substantial portion of all reported crimes. The primary targets are key economic sectors, including finance, healthcare, energy, and government. Recent incidents, such as breaches at Kenya’s Urban Roads Authority and Nigeria’s National Bureau of Statistics, demonstrate the vulnerability of critical national infrastructure.
A major finding is that cyber threats in Africa are often driven by human risk. A recent report by KnowBe4 highlights that while many organizations provide security training, a significant number of employees are not confident in their ability to identify and report threats like phishing. The widespread use of personal devices for work also creates additional security gaps that cybercriminals can exploit. Furthermore, sophisticated transnational criminal syndicates, like the West African “Black Axe” group, are behind multi-million-dollar fraud schemes, showing the highly organized nature of these criminal operations.
Combating these threats is a significant challenge. INTERPOL notes that the legal and law enforcement frameworks in most African countries are not keeping pace with the rapid evolution of cybercrime. There is a critical lack of essential infrastructure, such as national incident reporting systems and cyber threat intelligence databases. However, there are positive signs. Some nations are strengthening their laws and participating in international operations to dismantle criminal networks. East Africa is also taking a proactive stance by leading the continent in developing formal AI governance policies, a crucial step in preparing for new, AI-driven cyber threats.
