Ransomware attacks have escalated significantly across Africa, with Nigeria ranking third on the continent with 3,459 ransomware threat detections in 2024, according to the 2025 Africa Cyberthreat Assessment Report by INTERPOL. The report highlights a sharp increase in cyber-enabled criminal activity targeting Africa’s expanding digital landscape, with highly digitized economies bearing the brunt.
Egypt topped the list with 17,849 detections, followed by South Africa with 12,281. Other countries in the top ten include Kenya, Gambia, Ghana, Tunisia, Algeria, Morocco, and Ethiopia. Cybercrime now constitutes over 30% of all reported crimes in West and East Africa, with ransomware, online scams, business email compromise (BEC), and sextortion identified as the continent’s most severe cyberthreats.
Notable ransomware disruptions in 2024 included a $7 million cyber heist at Nigerian fintech Flutterwave, power management disruptions at Cameroon’s ENEO, and data breaches at Kenya’s Urban Roads Authority and Nigeria’s National Bureau of Statistics. South Africa’s Department of Defence suffered a major data breach by the Snatch ransomware group, while Telecom Namibia experienced a breach affecting over 619,000 clients.
Key ransomware gangs identified include LockBit, responsible for attacks such as the South African Government Employees Pension Fund breach, Hunters International, targeting telecom and government sectors with stealthy data exfiltration tactics, and BlackSuit, which severely disrupted South Africa’s National Health Laboratory Service, impacting critical medical diagnostics.
The report underscores the growing sophistication and operational damage caused by ransomware attacks, urging enhanced cybersecurity measures across African nations to mitigate financial, operational, and reputational risks.
