It is arguably the greatest threat targeting Africa’s technology landscape today – cyber-attacks.
With advancements in artificial intelligence happening at a rapid pace, the current dilemma facing the sector is concerning– the more advanced the innovation, the more sophisticated the counterattack from cybercriminals.
In some instances, malicious actors are outpacing systems designed to curtail them. In fact, the latest Interpol 2025 Africa Cyberthreat Assessment Report warns of a “sharp rise” in cyber-related crime in Africa. At least two-thirds of the organisation’s African member countries assessed indicated that cyber-related crimes accounted for a medium-to-high share of all crimes reported, rising to 30% in Western and Eastern Africa.
It is evident that attackers are always changing, and the digital environment in Africa serves as their playground.
In South Africa, several widely-reported hacks – such as the R165 million hack of the South African Social Security Agency and the data breach of Cell C – have led to business leaders shifting priorities, and budgets, to increase cybersecurity resilience.
While Nigeria was recently being dubbed the 13th most vulnerable country to cyberattacks by Check Point Securities’ Global Threat Index. This led to many business leaders to realise that cybersecurity demands greater attention. However, enhancing cybersecurity resilience is not the responsibility of organisations alone. It demands coordinated action at every level of society – from government regulators and private-sector leaders to individual users.
HP Wolf Security’s most recent Threat Insights Report demonstrates just how persistent and creative attackers have become in adapting and improving old techniques to bypass detection and fool users.
By chaining living-off-the-land (LOTL) tools, using advanced visual deception to boost phishing success, and hiding malware in less obvious file types, such as images, attackers are sharpening their edge.
Notable campaigns highlighted in the report include:
- Fake Adobe Reader invoices – ultra-realistic upload screens – including a fake loading bar – used to hide a reverse shell inside a small SVG image, giving attackers remote access to user devices.
- Malware Hidden in Image Pixels – malicious code embedded in pixel data of images, served through Microsoft Compiled HTML Help files, with PowerShell and CMD used to execute and then delete evidence.
- Resurgent Lumma Stealer – spreading through IMG disk images, using LOTL and installer scripts to bypass filters despite a law-enforcement crackdown earlier this year.
Moreover, cybercriminals are using AI to supercharge their skills – from writing attack scripts and analysing potential system flaws, to even developing new malware. Because phishing emails are getting more difficult to recognise, the rise of AI-assisted phishing is especially alarming for both individuals and companies. A recent study showed that such emails are fooling more than half of their targets.
Even the finest detection systems will miss some threats. Which is why defense-in-depth strategies, combined with containment and isolation are no longer optional, they are essential.
Tools such as HP Sure Click Enterprise, for instance, ensure that malware is rendered harmless through threat containment, delivering protection against attack vectors including email, browsers, and downloads.
And yet, despite 86% of organisations increasing their cybersecurity budgets, Mimecast also warns that funding still falls short of the growing demand. Leaders must move beyond incremental investment and establish clear, organisation-wide security requirements. This entails understanding the hardware-enforced security that is now built into many endpoint devices and ensuring that cybersecurity architecture keeps up with the increasing complexity of threats. Meanwhile, governments must urgently develop more nuanced cybersssecurity and AI regulations to make sure that AI is used safely across the continent, and as South Africa’s Institute for Security Studies has said: “new AI strategies must prioritise human security, transparency and accountability”. South Africa’s Institute for Security Studies has said: “new AI strategies must prioritise human security, transparency and accountability”.
The executive priority here is that cybersecurity cannot be viewed as a line item or a compliance exercise. It must be recognised as a strategic enabler of Africa’s digital future. Countries and companies that fail to secure their systems will not only lose money – they will lose trust, competitiveness, and the very license to operate in an increasingly digital economy. In the race between innovation and exploitation, resilience will be the ultimate differentiator.
