Ethiopia, Nigeria, and Kenya lead the list of most targeted countries on the African continent as malware and ransomware attacks surge.
Check Point Technologies, a cybersecurity platform, stated this in its latest June 2025 Global Threat Index, where it raised an alarm over the escalating wave of cyberattacks globally, noting that eight African countries are among the Top 20 most targeted nations worldwide.
According to the report, Ethiopia was the most targeted country globally out of 109 surveyed, marking a troubling milestone for Africa’s cybersecurity readiness.
Read also: Bank auditors tasked to enhance cybersecurity to curb attacks
“Nigeria maintained its 5th position with a Normalised Risk Index of 77.6 per cent, signalling persistent exposure to malicious threats,” it said.
Other African countries on the top 20 list include Mauritius (7th), Mozambique (10th), Zimbabwe (11th), Uganda (12th), and Angola (17th) with 59.8 percent, and Kenya (19th). South Africa fell outside the top 20, but still saw an increase in cyber threat activity, moving from 47th to 51st globally.
On the attack front, Check Point’s threat intelligence unit observed a spike in the use of AsyncRAT, a remote access Trojan that uses Discord invite links to deliver malware payloads. The RAT, now among the top three threats globally, allows hackers to steal data, monitor systems, and gain full control over infected devices.
FakeUpdates, another widespread malware linked to the Evil Corp hacking group, continues to dominate, affecting 4 percent of organisations worldwide. It spreads through fake software update prompts, often followed by secondary, more dangerous payloads.
The Qilin ransomware group was added to the global threat landscape. It has maintained pressure on large enterprises, especially in healthcare and education, through ransomware-as-a-service campaigns and phishing-based infiltration.
“The June 2025 Global Threat Index emphasises the need for proactive measures to safeguard against the most advanced attacks of the year. This is especially so among African countries, which remain among the most vulnerable to cyber threats,” said Lionel Dartnall, Country Manager SADC at Check Point.
Read also: Routelink Group, Qualys partner to foster collaboration on cybersecurity
The vulnerability of African nations is heightened by limited cybersecurity infrastructure, lower awareness levels, and the growing digitalisation of sectors like education, government, and telecommunications, all of which are among the most frequently attacked industries.
Lotem Finkelstein, Check Point’s Director of Threat Intelligence, added, “Organisations need to be proactive in their defense. Implementing comprehensive cybersecurity strategies is no longer optional.”
