Cyberthreats are intensifying across sub-Saharan Africa, with Nigeria emerging as a key target, according to Kaspersky’s latest 2025 security report. (Image source: Kaspersky)

According to data from global cybersecurity company Kaspersky, sub-Saharan Africa recorded 42.4 million web attacks and 95.6 million on-device attacks in the first half of 2025

The region also saw spyware cases more than double, a 64% increase in password stealer incidents, and a 12% rise in backdoor infections compared with the same period in 2024. These figures are being released ahead of Kaspersky’s participation at GITEX Nigeria, one of the region’s leading technology exhibitions taking place on September 3–4 in Lagos. At the event, the company will provide practical guidance and host workshops to help individuals and businesses strengthen their defences against fast-evolving threats.

In Nigeria, during the first half of 2025, Kaspersky’s security tools blocked more than 1.46 million online attack attempts targeting users. These threats—which included phishing scams, exploits, botnets, Remote Desktop Protocol (RDP) intrusions, and network spoofing such as fake Wi-Fi networks—affected nearly one in five people in the country (19.9%). During the same period, 4.97 million on-device attacks were intercepted, with 28.6% of Nigerian users facing malware delivered through infected USB drives, CDs, DVDs, and hidden installers. These included ransomware, worms, backdoors, trojans, password stealers, and spyware.

Kaspersky’s research highlighted a 66% surge in password stealer attacks in Nigeria in H1 2025 compared to the same timeframe in 2024, along with a 53% increase in spyware incidents. Exploits exploiting vulnerabilities in applications such as Microsoft Office also remained widespread. While the overall number of phishing detections dropped by 52%, phishing attempts became more precise. Financially themed phishing, including scams targeting banks, e-commerce platforms, and payment systems, increased by 46%. Kaspersky registered more than 595,000 finance-related phishing attempts in Nigeria during the period.

Industrial sectors remain vulnerable as well. In H1 2025, Kaspersky solutions blocked threats on 26.5% of Industrial Control Systems (ICS) computers in Nigeria. Virus and worm infections posed significant risks, particularly in construction, ICS engineering and integration, energy, and biometrics industries. More broadly, Africa ranks among the regions with the highest percentage of ICS computers impacted by malicious objects worldwide.

“Every day, more people in Africa and in Nigeria specifically are moving their businesses, banking, and even daily errands online. But with this opportunity comes a challenge. Cybercriminals are also becoming more active, targeting not only big companies and government networks, but also ordinary people, small businesses, and industrial infrastructures we depend on,” commented Chris Norton, general manager for sub-Saharan Africa at Kaspersky.

NEC XON expands services to strengthen cybersecurity across South Africa and beyond

NEC XON, a leading IT security solutions provider, has announced a major step forward in its service offering

The company has expanded its managed services portfolio to include full-scale Fortinet device management, a move already implemented at two of South Africa’s largest clothing retail chains.

This development comes at a critical time, as businesses across South Africa grapple with complex security needs and evolving cyber threats. The new managed service aims to enhance Fortinet performance, reduce system downtime, and deliver a stronger layer of protection.

A recent S&P Global Market Intelligence report presented at RSAC 2025 highlights the increasing reliance on managed security services (MSS). Nearly 29% of organisations now use MSS to support or replace their in-house teams. Meanwhile, 23% are consolidating security resources and 28% are downsizing their security teams – a risky decision amid rising threat levels. Another 37% report no major changes, suggesting stagnation in their security posture.

A South African response to a global challenge

“We are dedicated to providing top-tier support to help businesses stay secure and operational. That’s not just a slogan — it’s a promise South African companies urgently need,” commented Grant Ferreira, regional manager security at NEC XON. “We are very excited to have launched the expansion of our managed services to meet the growing security demands of our customers. With our team of certified experts, we have had great success with the expanded services in the coastal regions of South Africa and are in the process of rolling out the project to the rest of SA and Africa.”

More than just another device

As a certified Fortinet partner, NEC XON is delivering more than just another IT service. What sets this offering apart is the combination of top-tier technology with a people-first approach. Fortinet’s firewalls and secure networking solutions are industry leaders, but it’s the flexibility and support around them that makes the NEC XON approach unique.

With both onsite and remote support options, the company meets customers where they are – whether they need engineers on the ground or hands-off remote monitoring. That adaptability is especially important for businesses in smaller towns or rural regions that may not have the technical resources or budget to manage advanced infrastructure.

NEC XON’s team includes certified engineers skilled in Secure Connectivity, SD-WAN and Security Operations – closing the technical gap with confidence.

Backed by Fortinet’s elite programmes

NEC XON also brings serious credentials to the table, with access to Fortinet’s Engage Preferred Services Partner (EPSP) and Expert Technical Support (ETSP) programs. These designations represent more than vendor recognition – they enable advanced support like in-depth troubleshooting, specialised configuration, and tailored training that clients can rely on.

Cybersecurity with real economic impact

The value of this service goes beyond technology. By helping businesses avoid downtime, prevent breaches and improve operational efficiency, NEC XON is also contributing to a more resilient digital economy.

In South Africa, where energy uncertainty, strained public services and rising risks are the norm, solid cybersecurity remains one of the few controllable aspects of business infrastructure. It is an investment that pays off – not only in business continuity but in trust and confidence.

Card fraud continues to cost issuers and merchants billions each year

Mastercard has launched Account Intelligence Reissuance, an advanced fraud prevention tool designed to streamline the card reissuance process in the Eastern Europe, Middle East, and Africa (EEMEA) region

This new service uses Mastercard’s proprietary Artificial Intelligence (AI) and extensive network insights to evaluate the risk associated with compromised cards and provide AI-based guidance on whether they should be monitored or replaced.

Card fraud continues to cost issuers and merchants billions each year. To prevent further unauthorised use, issuers typically assess primary account numbers (PANs) for risk and reissue vulnerable cards. This manual approach is often time-consuming and expensive. Mastercard’s Account Intelligence Reissuance simplifies and automates this process, offering a more efficient solution for tackling both physical and digital card skimming.

“At Mastercard, we have developed a comprehensive portfolio of fraud products that offer valuable and advanced insights and data. We are delighted to expand our proposition with Account Intelligence Reissuance that goes one step further by allowing issuers to aggregate data, measure risk and prioritize the most compromised cards for reissuance. Powered by our world-class AI technology, this highly accurate solution will significantly enhance credit card fraud prevention and customer protection efforts across the industry,” said Selin Bahadirli, executive vice-president, Services, EEMEA, Mastercard.

With the rise of digital transactions and the emergence of new types of fraud, Mastercard has continued to advance its technologies to protect stakeholders at every point in the payment process. Its Decision Intelligence platform currently secures over 159 billion transactions annually, and with generative AI improvements, Mastercard enables issuers to more quickly and accurately analyse account, transaction, merchant, and device data to detect and stop fraud in real time.

In Nigeria, the main targets included telecommunications resellers and computing infrastructure providers. (Image source: NETSCOUT)

West Africa’s DDoS threat landscape was dominated by Nigeria and Mali, according to NETSCOUT’s Threat Intelligence Report for July to December 2024, which analyses global attack trends and techniques

Nigeria faced 1,716 attacks in the latter half of 2024, a notable decline from 2,721 incidents in the first six months. Meanwhile, Mali saw a dramatic surge, with attacks soaring from 115 in the first half to 1,637 in the second half of the year.

“Web search portals and all other information services bore the brunt of attacks in Mali, with an astounding average duration of 1,197 minutes per incident,” said Bryan Hamman, NETSCOUT’s regional director for Africa. “This was followed by wired telecommunications carriers, which was also the most targeted industry at a global level during the same period, with more than 2.1 million incidents.”

In Nigeria, the main targets included telecommunications resellers and computing infrastructure providers. Interestingly, beauty salons appeared among the top ten sectors attacked, alongside wired telecommunications carriers, commercial banks, used merchandise retailers, tyre dealers, and household electronics wholesalers. “This shows once again how threat actors adapt their strategies accordingly within different countries to target those industries that are strong in individual sovereign territories,” Hamman explained.

Nigeria also experienced some of the most complex DDoS campaigns in the region, with up to 22 different vendors involved in a single attack, primarily using TCP, DNS amplification, and ICMP flood (Ping flood) methods.

Liberia ranked next with 1,189 attacks, slightly fewer than the 1,515 reported earlier in 2024. The country’s computer systems design services sector was heavily targeted, suffering 360 attacks over six months. DNS amplification was the dominant attack vector, closely followed by STUN amplification.

Ghana recorded a sharp decline in attacks in the second half of 2024, falling to 917 from 4,753 earlier in the year. The ICT sector remained most targeted, including web search portals and information services (317 attacks), wired telecommunications carriers (43), and computing infrastructure providers. Notably, footwear manufacturers were third, enduring 14 attacks during the period.

The Democratic Republic of the Congo entered NETSCOUT’s rankings for the first time, coming in fifth with 879 attacks. Hamman noted, “While the most significant attack peaked at a modest 0.74 Gbps, the complexity was notable – with up to 15 vectors used in a single attack.” Computing infrastructure providers bore the brunt, though one satellite telecommunications attack lasted an exhausting 689 minutes.

Though Cameroon was not the most targeted country with 811 incidents, nor did it experience the most complex attacks, it recorded the highest bandwidth attack in the region at 200.43 Gbps – surpassing Nigeria’s 148.77 Gbps.

Meanwhile, Côte d'Ivoire, Guinea, and the Republic of the Congo faced fewer attacks, with 495, 341, and 329 incidents respectively. Côte d'Ivoire suffered the largest attack among them at 8.66 Gbps, targeting wired telecommunications carriers. Guinea’s wireless telecommunications carriers were most pressured, while telecommunications resellers were the hardest hit in the Republic of the Congo.

“This latest data from NETSCOUT reinforces a critical truth for West Africa: DDoS attacks aren’t just increasing in frequency, but also in intensity and sophistication,” Hamman emphasized. “While nations like Nigeria and Mali face a high volume of incidents, others are experiencing powerful, high-bandwidth attacks that can cripple essential services.

“As noted previously, the ICT sector remains firmly in the crosshairs across the continent in its entirety, making it vital for organisations across the region to prioritise proactive defence strategies, invest in continuous risk assessments and engage in broader cybersecurity collaboration to stay ahead of evolving threats,” he concluded.