A startling new cybersecurity report has positioned Nigeria as the most targeted nation in Africa for digital assaults, with local organisations enduring a barrage of attacks far exceeding regional and global averages.
Alarming Attack Rates Far Above Average
The 'African Perspectives on Cyber Security Report 2025' from global security firm Check Point Software Technologies Ltd. delivers concerning figures. It finds that Nigerian companies face an average of 4,200 cyberattacks every week.
This number dramatically outpaces the continental average of 3,153 weekly attacks and is roughly 60% higher than the global average of 1,963 attacks per organisation. This data solidifies Nigeria's unenviable position as the epicentre of cybercriminal activity on the African continent.
The AI-Powered Threat Landscape
Kingsley Oseghale, Check Point’s Country Manager for West Africa, directly linked the escalating threat to the adoption of artificial intelligence by malicious actors. He explained that cybercriminals are now leveraging AI tools to automate and enhance their schemes.
Phishing, impersonation, and cloud-based attacks have become more sophisticated and widespread due to this technological shift. Oseghale emphasised that AI is now a core part of the threat environment, making traditional defence methods insufficient.
The report identifies key sectors bearing the brunt of these attacks, including finance, energy, telecommunications, and government institutions. Vulnerabilities often stem from exposed digital identities and misconfigured systems.
National Trends and Required Defences
The cyber threat profile varies across Africa. While Nigeria is particularly plagued by business email compromise and cloud exploitation, other nations face different challenges. South Africa contends with rising ransomware and botnets, Kenya has seen energy infrastructure targeted, and Morocco experiences coordinated disruptions in government and education systems.
Check Point's report outlines five major shifts shaping cyber risks in 2025, including the evolution of ransomware into data-leak extortion and the rise of AI-driven deception. It also warns that weak cyber readiness could hinder access to international markets, especially under regulations like the European Union's NIS2 Directive.
The firm advocates for a fundamental change in strategy. "The only effective response is prevention-first security that combines visibility, governance, and AI protection," the report states. Oseghale stressed that as organisations adopt AI, their cybersecurity must evolve from reacting to predicting threats.
The study recommends that African governments and businesses adopt ongoing risk assessments, ensure regulatory compliance, and foster stronger collaboration between public and private sectors to build digital resilience.
This report follows earlier alarms raised by a Nigerian House of Representatives committee, which uncovered vulnerabilities in the country's digital payment systems. The committee highlighted risks from unregistered agents, cloned terminals, and poor security practices in the growing fintech sector.
