Nigerian organisations recorded the highest number of cyber-attacks in Africa in January 2026, averaging 4,701 attacks per organisation per week, according to the latest Global Threat Intelligence report by Check Point Research.
The figure represents a 12 per cent year-on-year increase and a rise from the 4,622 weekly attacks recorded in December 2025, highlighting mounting cyber pressure on Africa’s largest economy.
According to the report, Nigeria not only leads the continent in attack volume among the four African countries surveyed, but also far exceeds the continental average of 2,864 attacks per organisation per week.
Globally, organisations faced an average of 2,090 cyber-attacks per week in January, marking a 3 per cent increase from December and a 17 per cent year-on-year rise. The data underscores what researchers describe as a sustained global escalation in cyber threats.
“Among the four African countries included in the January insights, Nigeria had the highest number of attacks at 4,701 per organisation per week, a 12% YoY increase. This was up from 4,622 in December 2025,” the report stated.
Within Africa, Angola followed Nigeria with 4,512 attacks per organisation per week, although this represented a 7 per cent year-on-year decline.
Kenya recorded 2,172 weekly attacks, down 41 per cent year on year, while South African organisations faced 2,145 weekly attacks—an increase of 36 per cent compared to the same period last year.
Although Africa recorded an overall average of 2,864 weekly attacks per organisation—a 6 per cent year-on-year decline—the regional drop masks sharp disparities, particularly the rising threat levels in Nigeria and South Africa.
READ ALSO: EFCC uncovers coordinated cyberattacks on Nigerian Banks, N20bn recovered
The most targeted sectors across Africa were Government, Financial Services, and Consumer Goods and Services—industries that manage sensitive citizen data, financial transactions, and critical supply chains.
Globally, the Education sector remained the most attacked industry, facing 4,364 weekly attacks per organisation, up 12 per cent year on year.
Government entities followed with 2,759 weekly attacks, while Telecommunications ranked third with 2,647 weekly attacks, reflecting mounting threats to connectivity infrastructure and emerging 5G ecosystems.
Ian van Rensburg, Head of Security Engineering for Africa at Check Point Software Technologies, warned that the surge reflects not only an increase in volume but also in sophistication.
“January’s data shows that cyber-attacks are not only increasing but becoming more refined and opportunistic,” he said.
He noted that as African organisations accelerate digital transformation, cybersecurity frameworks must evolve at the same pace.
“Unchecked GenAI usage is opening new blind spots for organisations. Prevention first, real-time protection powered by AI is the only effective way to stop attacks before they cause operational or financial damage,” van Rensburg added.
The report flagged rapid adoption of Generative AI tools as an emerging security risk. It revealed that one in every 30 GenAI prompts submitted from corporate networks in January posed a significant risk of exposing sensitive data.
These prompts frequently contained internal documents, personal identifiers, customer information, and proprietary source code.
On average, organisations used 10 different GenAI tools monthly, many operating outside formal governance structures.
Researchers warned that such fragmented usage increases the risk of accidental data leaks, ransomware infiltration, and AI-driven cyber-attacks—particularly in fast-digitising markets like Nigeria, where banking, fintech, telecoms and public services are rapidly expanding online.
Amid the rising threat landscape, the Federal Government has indicated plans to introduce a new cybersecurity framework this year aimed at curbing AI-driven attacks on banks, businesses and government institutions.
The Director-General of the National Information Technology Development Agency (NITDA), Kashifu Inuwa, disclosed that the framework will require organisations operating in Nigeria to meet minimum cybersecurity spending thresholds.
According to him, many companies currently underinvest in cybersecurity because they assume they are unlikely targets.
The proposed framework will also introduce mandatory timelines for reporting data breaches, mechanisms for sharing threat intelligence between public and private sectors, and coordinated national response protocols for major cyber incidents.
With Nigeria now leading Africa in cyber-attack frequency, analysts say the effectiveness of these measures will be critical in protecting the country’s rapidly expanding digital economy.
Latest1 week ago
Business1 week ago
Latest1 week ago
Football1 week ago
Business1 week ago
Health6 days ago
Business1 week ago
Business6 days ago