Top 10 Largest Cyber-Attacks in Africa 2025

In Summary

• In early 2025, South Sudan recorded over 93 million cyber-attack attempts, the highest in Africa. This shows that emerging digital economies are now prime global targets.
• Countries like Kenya, Nigeria, and South Africa have expanded national Computer Emergency Response Teams (CERTs) to strengthen detection and response.
• Governments are combining new cybersecurity laws with public awareness drives, marking a shift from reactive to proactive defense across Africa.

Deep Dive!!

Lagos, Nigeria, Friday, August 29 – Cybersecurity is becoming a defining challenge for Africa’s digital growth in 2025. The expansion of banking, telecommunications, and government services has led to a sharp rise in online cyber attacks, affecting millions of users and critical systems. These attacks range from phishing scams, ransomware, and large-scale breaches aimed at disrupting financial transactions and stealing sensitive data. The scale of these threats shows how Africa’s digital economy has become a global player, drawing the attention of both criminals and state-backed actors.

In response, countries are moving beyond emergency reactions to structured national strategies. 

Cybersecurity laws are being enforced to regulate data protection, digital identity, and financial security. National Computer Emergency Response Teams (CERTs) are now active in many countries, providing round-the-clock monitoring and coordinated responses. Regional collaborations through bodies like the African Union and Smart Africa are also improving information sharing and setting standards for cyber defense.

These combined efforts reflect a shift from being reactive to building long-term resilience. African countries are showing that cyber threats, while disruptive, are also prompting stronger digital policies, improved infrastructure, and new opportunities for innovation.

In this article, we bring you  the ten African countries most affected by cyber-attacks in 2025 and examines the concrete measures they are taking to secure their digital future.

10. Ghana

Ghana ranked 93rd worldwide in 2025 with 5,270,783 attempted cyber-attacks. The most notable case was the outage of the government’s central email platform in August, which disabled communication across ministries for two days. The National Cyber Security Authority (NCSA) led recovery efforts and issued directives enforcing multi-factor authentication, mandatory server backups, and stricter access controls across all state agencies. The Ministry of Communications and Digitalization also accelerated plans for a National Security Operations Centre to provide continuous monitoring of government networks and early warning against intrusions.

The government reinforced the Cybersecurity Act with compliance guidelines requiring critical information infrastructure operators to submit incident reports directly to the NCSA. At the same time, public campaigns were expanded to promote awareness of phishing, email fraud, and reporting channels. These measures indicate a policy shift from reactive response to preventive defense. 

9. Ivory Coast

Ivory Coast recorded 5,912,899 attempted cyber attacks in 2025, ranking 88th worldwide. The year was marked by increasing targeting of financial institutions and government portals, consistent with the country’s expanding role as a West African financial hub. In response, the National Cybersecurity Strategy 2025–2027 was activated, emphasizing the protection of critical information infrastructure. The government directed banks, telecom operators, and key public agencies to align with national standards on incident reporting and data protection. A Computer Emergency Response Team (CI-CERT) has been positioned as the central body for threat monitoring and coordination, with expanded authority to audit compliance across sectors.

Capacity building formed a key part of the response. Training programs were launched for state IT officers and law enforcement units, while partnerships with the private sector introduced new detection and monitoring systems. Public awareness campaigns also targeted mobile money users, as fraud linked to digital payments remained a major concern. 

8. Tunisia

Tunisia registered 6,575,670 attempted cyber-attacks in 2025, placing it 83rd worldwide. The government identified recurrent targeting of public-sector websites and academic networks, with denial-of-service attempts disrupting access to several online portals during the year. In response, the National Agency for Computer Security (NAC) expanded its national monitoring framework, mandating regular vulnerability assessments for ministries, universities, and telecom operators. New directives were also introduced requiring all government agencies to adopt encryption standards for email communication and implement multifactor authentication for internal systems.

The Tunisian government continued to build institutional capacity through its National Cybersecurity Strategy 2023–2027, which prioritizes critical infrastructure protection, digital trust, and incident response. Training programs were extended to law enforcement and judicial officers to improve the handling of cybercrime cases, while public initiatives promoted safe online behavior among citizens and small businesses. With these measures, Tunisia’s 2025 response illustrates a clear emphasis on regulation, capacity building, and public engagement, ensuring that the country strengthens its defenses.

7. Kenya 

Kenya registered 7,831,073 attempted cyber-attacks in 2025, ranking 79th globally. The financial sector remained the most vulnerable, particularly due to the widespread use of mobile money platforms such as M-Pesa, which continue to attract both local and international cybercriminal groups. Phishing campaigns, SIM swap fraud, and social engineering attacks against mobile money users were repeatedly flagged by regulators and telecom operators. Government institutions also reported intrusion attempts, especially in systems handling sensitive citizen data such as eCitizen portals and tax-related services. Kenya also ranks among the African countries with the largest data systems, making the protection of digital infrastructure even more critical.

The Communications Authority of Kenya (CA) and the National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT/CC) responded by scaling up monitoring operations. KE-CIRT/CC issued monthly public advisories on emerging threats, focusing on malware infections, ransomware, and data leaks. In 2025, the Kenyan government also advanced the implementation of its National Cybersecurity Strategy, which places emphasis on protecting critical infrastructure and fostering public-private partnerships. A cybersecurity bill strengthening penalties for digital crimes was tabled in parliament to close existing legal gaps.

Capacity building remained a core focus. The ICT Authority collaborated with universities and private sector firms to develop training programs aimed at producing certified cybersecurity experts. International cooperation also increased, with Kenya joining regional initiatives under the African Union’s Digital Transformation Strategy and entering bilateral agreements with partners like the United States to enhance intelligence sharing.

6. Algeria

Algeria registered 11,529,983 attempted cyber-attacks in 2025, ranking 67th globally. The Ministry of Post and Telecommunications confirmed that public institutions and energy-related networks remained primary targets, with several phishing and ransomware attempts detected against state utilities. In response, the National Agency for the Security of Information Systems (ANSI) expanded its national monitoring program, requiring critical service providers to submit regular threat reports and undergo security audits. A stronger framework for protecting industrial control systems was also introduced to safeguard energy infrastructure, a key sector in Algeria’s economy.

The government advanced its National Cybersecurity Strategy by enhancing technical capacity and promoting coordination among state agencies. Specialized training was delivered to IT officers within ministries and law enforcement units tasked with handling cybercrime investigations. Public campaigns emphasized safe digital practices for citizens, particularly around online banking and social media use. 

5. Morocco

Morocco recorded 18,537,807 attempted cyber-attacks in 2025, ranking 60th worldwide. The most serious case was the breach of the National Social Security Fund (CNSS) in April, where nearly two million employee records were exposed. The incident highlighted vulnerabilities in data storage systems and placed pressure on Morocco’s wider e-governance framework. In response, the General Directorate of Information Systems Security (DGSSI) led investigations and coordinated the rollout of stronger security protocols across public institutions.

The government reinforced its National Cybersecurity Strategy by mandating periodic penetration testing for ministries and agencies, while also expanding the role of the national CERT-MA in threat detection. Legal reforms advanced under the 2023–2027 Digital Transition Plan now require companies handling sensitive data to meet stricter encryption and storage standards. Training programs for civil servants were intensified to address phishing and insider threats, with DGSSI also expanding cooperation with the private sector to develop homegrown cybersecurity solutions.

Morocco also increased collaboration with international partners. Agreements with the European Union and regional security networks provided technical support for incident response and intelligence sharing. At the citizen level, campaigns were launched to build awareness of personal data protection, reflecting the government’s effort to strengthen trust in digital services. 

4. Nigeria

Nigeria faced 23,268,560 attempted cyber-attacks in 2025, placing it 55th globally. The Central Bank of Nigeria (CBN) confirmed that the banking sector remained the top target, particularly through ransomware and phishing campaigns directed at electronic payment platforms. Several fintech companies reported repeated intrusion attempts, underscoring the scale of risks tied to Nigeria’s fast-growing digital financial ecosystem. With the country hosting the highest number of internet users in Africa, its digital platforms remain especially exposed, prompting the Nigeria Inter-Bank Settlement System (NIBSS) to strengthen its monitoring unit to counter coordinated attacks, while commercial banks accelerated deployment of multi-factor authentication and fraud detection tools.

At the policy level, the Office of the National Security Adviser (ONSA), working through the Nigerian Computer Emergency Response Team (ngCERT), scaled up its National Cybersecurity Strategy by issuing new directives on protecting critical infrastructure, including telecoms and power grids. 

Capacity development also featured prominently. The National Information Technology Development Agency (NITDA) expanded its cybersecurity awareness programs to universities and small businesses, while the Economic and Financial Crimes Commission (EFCC) increased cross-border collaboration to track financial cybercrime. Nigeria also deepened cooperation with international partners, notably through intelligence-sharing agreements under the African Union’s cybersecurity framework. 

3. Egypt

Egypt recorded 25,928,441 attempted cyber-attacks in 2025, ranking 50th globally. Key targets included government portals and financial institutions, with a series of denial-of-service attempts against the Ministry of Communications and Information Technology (MCIT) disrupting online public services early in the year. Egypt’s reliance on digital government platforms made these incidents particularly significant, pushing the National Telecom Regulatory Authority (NTRA) to tighten real-time monitoring of state-owned networks.

The government advanced its National Cybersecurity Strategy through the Egyptian Supreme Cybersecurity Council, which issued new standards for securing digital platforms handling citizen data. National Telecom Egypt and major banks expanded their adoption of biometric security tools and upgraded their encryption systems to mitigate large-scale data theft. 

Legal frameworks were reinforced with stricter enforcement of the 2018 Cybercrime Law, including the establishment of dedicated cybercrime courts in Cairo and Alexandria. In parallel, Egypt deepened international partnerships, particularly with the Arab Cybersecurity Center and the European Union, to enhance threat intelligence and resilience. Public awareness efforts continued through nationwide campaigns teaching citizens to identify and report phishing scams, reflecting the state’s recognition of social engineering as a growing threat.

2. South Africa

South Africa faced 42,795,233 attempted cyber-attacks in 2025, ranking 37th worldwide and the second highest in Africa. The financial sector remained the most targeted, with several large-scale phishing and ransomware campaigns directed at commercial banks and online payment services. The Johannesburg Stock Exchange (JSE) also reported heightened intrusion attempts, underscoring how attackers focus on South Africa’s advanced digital economy. 

The State Security Agency (SSA), working with the South African Cybersecurity Hub, expanded national defense capabilities by investing in threat detection technologies and strengthening coordination with private sector networks. The Cybercrimes Act, which came into full force in 2021, was actively applied in 2025 through prosecutions targeting financial fraud syndicates and online identity theft. Government-led initiatives also included building a new National Cybersecurity Operations Centre to centralize monitoring of critical infrastructure.

Private firms accelerated investments in resilience, with banks and insurance companies deploying AI-based fraud detection systems. Meanwhile, the Department of Communications and Digital Technologies (DCDT) scaled up training programs under the National Digital and Future Skills Strategy, equipping young professionals with cybersecurity expertise. South Africa also pursued regional leadership by deepening ties within the Southern African Development Community (SADC) and working with global organizations on intelligence sharing and incident response.

1. South Sudan

South Sudan recorded 93,250,909 attempted cyber-attacks in 2025, ranking 24th globally and first in Africa. The volume of attacks was driven largely by the country’s growing integration into global digital systems, particularly within banking, oil, and government networks. Attackers frequently targeted the Ministry of Finance and Economic Planning as well as the national oil corporation, attempting to disrupt revenue channels critical to the state’s economy. 

The government responded by accelerating the implementation of its National Cybersecurity Strategy, which is overseen by the Ministry of Information, Communication, Technology, and Postal Services. A Computer Emergency Response Team (CERT) was established in early 2025 with support from regional partners, providing the first structured mechanism for handling major incidents. In collaboration with the African Union and the International Telecommunication Union (ITU), South Sudan began capacity-building programs for government officials and law enforcement agencies to improve detection and response to cyber threats.

Legislative steps were also taken, with a draft Cybercrime and Electronic Transactions Bill under review to provide a legal framework for prosecuting digital offenses. Partnerships with international organizations helped strengthen infrastructure security, while telecom companies operating in the country introduced stricter SIM registration policies and biometric verification to curb identity fraud.