Rabat, Morocco — Morocco is confronting a sharp escalation in cybersecurity risks, with over 21 million cyberattack attempts recorded in the first half of 2025, according to findings from Kaspersky and Hacken. The surge underscores growing national exposure as the country accelerates its adoption of Web3 and artificial intelligence (AI) technologies.
Kaspersky’s research, presented at KNext Rabat 2025, revealed that 15 million local network attacks targeted internal systems, removable media, and shared folders — pointing to persistent gaps in enterprise perimeter defenses. Another six million external attacks exploited internet-facing vulnerabilities, including phishing, ransomware, and software exploits. Notably, an increasing number of ransomware incidents demanded cryptocurrency payments, linking Morocco’s cybersecurity risks directly to Web3 ecosystems.
The country also faced 390,000 credential theft attempts and 8,000 backdoor intrusions, threatening digital wallets and cryptocurrency holdings. Critical industries — particularly banking, telecommunications, and manufacturing — remain prime targets for advanced cyber actors.
Globally, Hacken reported $3.1 billion in Web3-related losses in the first half of 2025, already surpassing 2024 totals. The majority of incidents stemmed from access control failures (59%) and social engineering scams ($600 million). Although Morocco has avoided large-scale breaches like Bybit’s $1.46 billion hack, experts warn that the country’s rapid expansion in digital finance creates similar systemic risks.
Compounding the issue, AI-related exploits have increased by 1,025% since 2023, as attackers target unsecured APIs, autonomous AI agents, and machine learning frameworks. With Moroccan startups increasingly deploying generative AI, vulnerabilities in AI-driven systems pose growing national security and economic threats.
In response, Morocco is developing cryptocurrency and digital asset regulations aimed at balancing innovation with anti-money laundering compliance. However, experts urge immediate action through enhanced cyber defense infrastructure, specialized training, and regulatory coordination to secure the intersection of traditional and decentralized financial ecosystems.
