Cyberattacks targeting businesses across Africa are growing fast, with spyware and password-stealing malware leading the charge, according to a new report by cybersecurity firm Kaspersky.
Spyware, which secretly installs itself on computers to monitor activity and steal data, saw a significant jump between 2023 and 2024. Alongside this, Kaspersky recorded a 26% increase in password stealers—malware that snatches login details and other sensitive info.
Maher Yamout, a lead cybersecurity researcher at Kaspersky, said the rise in attacks is being driven by a mix of factors. For businesses (B2B), the push toward hybrid work and digital transformation is happening faster than their cybersecurity upgrades—leaving them vulnerable. For individuals (B2C), the growing use of digital financial services and low digital literacy make them easy targets.
The numbers paint a worrying picture:
Over 131 million web threats were detected across Africa in just one year.
1. Kenya saw nearly 20 million attack attempts, South Africa 17 million, and Morocco 12.6 million.
2. Phishing and ransomware remain the biggest threats, with 66 million phishing link clicks recorded—14.8 million of those by corporate users.
3. Local (on-device) threats, like malware spread via USB drives or hidden in software installers, grew by 4%.
Some countries saw even bigger jumps in local attacks:
- Nigeria – up 169%
- Ethiopia – up 86%
- South Africa – up 32%
- Senegal – up 11%
- Morocco – up 9%
To fight back, Yamout stressed the need for more collaboration, better cybersecurity training, and increased digital literacy across the continent.
He pointed to initiatives like the African Cyber Surge operation and targeted educational programmes as examples of how to build a more secure digital environment in Africa.
