Africa is experiencing rapid digital growth.
From mobile banking to cloud services, businesses are embracing digital tools to improve operations. However, this progress comes with a major challenge—a surge in web-based cyber threats.
According to new data from Kaspersky, over 131 million web threats were detected across Africa in 2024. This is a 1.2% increase compared to 2023, with businesses being the main targets.
Every organization—small or large—must understand these threats and take action.
The Most Targeted African Countries
The top three countries by number of web threat detections were:
- Kenya: Nearly 20 million web attack attempts
- South Africa: Close to 17 million detections
- Morocco: 12.6 million attempted web-based attacks
These numbers reflect the growing exposure of African businesses to online risks. The more organizations move online, the more they become targets.
Evolving Malware Tactics: From Web-Based Threats to Local Infections and Data Theft
Web threats are attacks that happen while users are browsing the internet. These may include fake websites, drive-by downloads, and phishing campaigns.
However, threats are not only coming from the internet. Local threats—malware spread through USB drives, CDs, or encrypted software installers—are also increasing. In 2024, local malware detections rose by 4% across African organizations.
Countries with the most growth in local threats included:
- Morocco
- Senegal
- Nigeria
- South Africa
- Ethiopia
These attacks usually bypass weak internal security systems, making it essential to protect devices and internal networks.
Also read: Top 10 Most Prevalent Malware in EMEA
Cybercriminals are not just disrupting systems; they are stealing valuable data. Between 2023 and 2024:
- Spyware attacks rose by 14%. Spyware secretly monitors and records user activity.
- Password stealer detections jumped by 26%, targeting business credentials and financial information.
Top countries affected by password stealers were Kenya, Morocco and South Africa.
Other countries like Tanzania, Namibia, Uganda, and Senegal are also being affected. These threats often lead to major data breaches, fraud, and perational disruptions.
Why Businesses Are Being Targeted
Several factors contribute to rising attacks:
- Businesses are rushing to digitize without strong cybersecurity policies.
- Many use outdated software or expose remote services (like RDP) without proper security.
- Employees often lack cybersecurity training, making them easy targets.
- Digital financial services are growing, but many users are unaware of online risks.
According to Maher Yamout, Lead Cybersecurity Researcher at Kaspersky:
“Africa’s rapid digital expansion has brought significant opportunities, but it has also exposed the continent to a growing array of cyberthreats. Our statistics show an increase in attack detections for several types of cyberthreats, and the factors driving these increases are multifaceted”
“In the B2B sector, the continuing shift toward hybrid work models and the rush to digitize operations — often outpacing cybersecurity investments — may leave African businesses exposed to advanced persistent threats. In the B2C space, the explosion of digital financial services, coupled with low digital literacy rates, makes individuals prime targets for opportunistic attacks.”
What African Businesses and Organizations Should Do
Cybersecurity is not a one-time project—it must be an ongoing priority. To protect your organization:
- Update all software regularly to patch vulnerabilities.
- Avoid exposing Remote Desktop Protocol (RDP) services to the public internet.
- Use strong and unique passwords for all systems and enforce two-factor authentication.
- Deploy endpoint protection and advanced EDR solutions, like Kaspersky NEXT EDR Expert, to monitor all devices.
- Train employees regularly to recognize phishing, social engineering, and malware.
- Back up critical data regularly, and store backups offline or in secure environments.
- Use threat intelligence to stay updated on attack methods used by cybercriminals.
Also read:
About Author
