Microsoft has raised alarm over Africa’s growing exposure to cyber-attacks, warning that the continent particularly Nigeria’s private sector remains largely unprepared to defend against increasingly sophisticated threats.
In its latest Africa Cybersecurity Threat Intelligence Report, Microsoft noted a sharp rise in cyber-attacks across the continent, driven by the expansion of digital services and weak security investment. The report shows that cybercriminals are now targeting African organisations with advanced tactics, including the use of artificial intelligence to craft convincing phishing scams in local languages.
According to the findings, over 100 trillion daily cybersecurity signals analysed by Microsoft revealed that West and North Africa recorded the highest number of incidents on the continent. Nigeria’s private sector, especially critical service providers such as healthcare, research institutions and small-to-medium enterprises, faces heightened risks due to limited cybersecurity infrastructure.
The report highlighted that 52% of cyber-incidents across the region were motivated by ransomware and extortion, while data theft accounted for 80% of cases investigated. It also disclosed that the economic cost of cybercrime in 19 African countries surged from $192 million to $484 million, with the number of victims increasing from about 35,000 to 87,000 in one year.
Microsoft warned that cybercriminals are increasingly exploiting trusted digital platforms and impersonating reputable individuals or organisations to conduct attacks. The company’s Chief Security Advisor for Africa said attackers are now “leveraging AI to tailor phishing content to local cultures and languages, making scams harder to detect.”
To curb the threat, Microsoft urged organisations and African governments to prioritise stronger cybersecurity measures. Recommended steps include adopting phishing-resistant multi-factor authentication, keeping systems and software updated, improving employee cybersecurity awareness, and strengthening regional and international cooperation on cybercrime.
The report stressed that the rapid growth of Africa’s digital economy must be matched with equal investment in cyber defence to prevent widespread disruption, financial loss and erosion of public trust.
