Nigeria now faces the highest level of weekly cyberattacks in Africa, according to the newly released African Perspectives on Cyber Security Report 2025 by Check Point Software Technologies, a global cybersecurity firm.
The report shows that organisations in Nigeria suffer an average of 4,200 cyberattacks per week, far above the African average of 3,153 and 60% higher than the global average of 1,963 attacks per organisation. Check Point warns that the surge is driven by increasingly sophisticated AI-enabled cyber threats.
AI Now Central to Cybercrime
Check Point’s Country Manager for West Africa, Kingsley Oseghale, said cybercriminals are aggressively deploying artificial intelligence to automate attacks across email, cloud systems, and digital identities.
“AI has become part of the attack surface,” Oseghale said. “Attackers are using it to automate phishing and identity theft at scale. The only effective response is prevention-first security that combines visibility, governance, and AI protection.”
According to the report, Nigerian organisations are being targeted through:
exposed or stolen identities,
misconfigured cloud systems,
AI-generated phishing, and
multi-vector ransomware.
Critical sectors such as finance, energy, telecoms, and government were among the most affected.
Africa’s Cyber Threat Landscape Worsens
The study outlines different attack patterns emerging across the continent:
Read also:
- 15 internet fraudsters jailed in Benin
- Public outcry over arbitrary International Passport fee increase
- Eight jailed for money laundering, internet fraud in Kaduna
Nigeria: Business email compromise (BEC) and cloud exploitation
South Africa: Rising ransomware, smishing, and botnets like Vo1d and XorDDoS
Kenya: Ransomware targeting energy infrastructure
Morocco: Government and education systems hit by DDoS attacks and website defacement
Check Point identifies five key shifts defining Africa’s cyber-risk outlook in 2025:
ransomware evolving into data-leak extortion,
widespread AI-generated deception,
identity becoming the new security perimeter,
increasing cloud vulnerabilities, and
stronger global regulations affecting market access.
The report warns that weak cybersecurity may affect African organisations’ ability to trade internationally under rules such as the EU’s NIS2 Directive, making digital resilience a critical economic factor.
Call for Prevention-First Security
The study urges public and private organisations to adopt proactive cybersecurity measures, including:
continuous risk assessment,
regulatory compliance,
improved identity governance, and
deeper public-private collaboration.
Oseghale stressed that as AI transforms business operations, cybersecurity must move from reaction to prediction.
“The real challenge is not adopting new technology but securing the trust that underpins it,” he said.
