Nigeria has recorded the highest volume of weekly cyberattacks in Africa, according to the African Perspectives on Cyber Security Report 2025 by Check Point Software Technologies Ltd., a global cybersecurity leader.

The report shows that Nigerian organisations face an average of 4,200 cyberattacks per week, significantly higher than Africa’s average of 3,153 and 60% above the global average of 1,963 attacks per organisation. This sharp rise highlights the growing sophistication of cyber threats across the continent.

Kingsley Oseghale, Country Manager for West Africa at Check Point, explained that cybercriminals are increasingly leveraging artificial intelligence (AI) to automate phishing, impersonation, and cloud exploitation attacks. “AI has become part of the attack surface. Attackers use it to conduct identity theft and phishing at scale,” he said.

The report reveals that critical sectors such as finance, energy, telecommunications, and government are particularly targeted. Cybercriminals exploit exposed identities and misconfigured systems to launch AI-driven attacks, multi-vector ransomware, and identity-led intrusions.

Across Africa, different countries face unique cyber challenges. While Nigeria contends with business email compromise and cloud exploitation, South Africa struggles with ransomware, smishing, and botnet infections like Vo1d and XorDDoS.

Kenya has faced ransomware attacks targeting energy infrastructure, while Morocco has seen DDoS attacks and website defacements affecting government and education sectors.

The report identifies five major shifts in Africa’s cyber risk landscape in 2025: traditional ransomware evolving into data-leak extortion, widespread AI-generated deception, identity becoming the new security perimeter, increased regulatory pressure, and weak cybersecurity affecting international market access under rules such as the EU’s NIS2 Directive.

Oseghale stressed the need for prevention-first cybersecurity strategies, urging organisations to adopt continuous risk assessment, ensure regulatory readiness, and foster collaboration between public and private sectors.

AI’s rise, he noted, demands a shift in cybersecurity from reactive measures to predictive approaches. “The real challenge is not adopting new technology but securing the trust that underpins it,” Oseghale added.

The report serves as a wake-up call for Nigerian businesses, highlighting that poor digital resilience is no longer just a local issue—it can directly impact global competitiveness and regulatory compliance.

As cyber threats become more sophisticated, experts recommend prioritising employee awareness, securing cloud environments, and integrating AI-powered threat detection tools to reduce vulnerability and enhance operational security.