New data from cybersecurity and antivirus firm Kaspersky has revealed that Sub-Saharan Africa faced 42.4 million web attacks and 95.6 million on-device attacks in the first half of 2025, indicating a concerning trajectory in data theft over such a short period.
The report, released by the company ahead of one of Africa’s biggest tech events, GITEX Nigeria, reveals that spyware cases in the region have more than doubled.
Password-stealing attacks rose by 64 percent, while backdoor malware infections grew by 12 percent compared to the first half of 2024. In Nigeria, Kaspersky’s data shows a 66 percent year-on-year increase in password theft and a 53 percent rise in blocked spyware.
Attacks that exploit weaknesses in applications are still common, even though the overall number of phishing attempts has dropped by 52%.
Kaspersky also found that phishing has become more focused, with threats increasingly centered on areas like finance and payments, which saw a 46% increase.
“Every day, more people in Africa and in Nigeria specifically are moving their businesses, banking, and even daily errands online. But with this opportunity comes a challenge,” says Chris Norton, General Manager for Sub-Saharan Africa at Kaspersky.
“Cybercriminals are also becoming more active, targeting not only big companies and government networks, but also ordinary people, small businesses, and industrial infrastructures we depend on.”
Kaspersky’s data shows that cybercriminals are quickly adapting to Africa’s growing digital landscape. The rise in spyware, password theft, and targeted phishing signals a move toward more deliberate and harmful attacks.
For governments, businesses, and individuals, this highlights the urgent need to strengthen cyber resilience through education, better security systems, and regional cooperation.
Protecting digital infrastructure is essential for supporting growth, keeping financial systems safe, and maintaining public trust.
