As internet access expands, African nations have become a laboratory for malicious actors worldwide who are developing new cyberattacks and committing cybercrimes.
A new report by the Global Initiative Against Transnational Organized Crime (GI-TOC) found sharp growth in cybercrime across the continent between 2023 and 2025 with Kenya, Nigeria and South Africa — sub-Saharan Africa’s most online countries — under nearly constant attack by cybercriminals.
“Cyber criminals are increasingly using Africa as a testing ground for new types of ransomware and other cyber-dependent attacks,” GI-TOC researchers wrote in their report.
Over the past 20 years, internet access across African nations has grown at an average of 17% per year, more than double the global average. That growth has enabled widespread use of smartphone-based technology such as mobile payment apps, but cybersecurity and education about potential threats have failed to keep pace.
As a result, millions of internet users are exposed to online criminals. Forty percent of people in Africa reported being cybercrime victims in 2025. Government authorities continually find themselves falling behind criminals as they try to disrupt cyberattacks and online scams, according to GI-TOC.
“Most African law enforcement agencies lack the necessary technical tools, such as advanced digital forensics laboratories, secure digital evidence storage systems and real-time network monitoring technologies, to conduct timely investigations, trace digital evidence and dismantle transnational networks,” GI-TOC analysts wrote. “The asymmetry between the capabilities of states and the sophisticated digital tools used by cybercriminals risks widening the enforcement gap further still.”
Attackers sharpen their skills in countries with weak cybersecurity capacity by attacking vulnerable businesses and government agencies in key economic sectors, such as finance, energy and manufacturing. With their methods refined, they turn their attacks against countries with more robust protections, according to the report.
Those attacks take a variety of forms, but two of the most common are:
- Ransomware that locks down a computer system until the owner pays to have access restored.
- Distributed denial of service (DDOS), in which a barrage of rapid-fire contacts overwhelms a system, making it inaccessible to users.
Successful cyberattacks cost countries millions of dollars each year in lost revenue. Ghana, for example, might have lost as much as $42 million when a 2024 ransomware attack crippled the Electricity Company of Ghana’s ability to distribute power to millions of customers. The attack happened as the company was updating its computer systems.
Elsewhere, cyberattacks shut down South Africa’s National Health Laboratory Service and Nigeria’s National Bureau of Statistics. Hackers stole customers’ personal data from Telecom Namibia and began releasing it to the public when the company refused to pay the ransom. In Uganda, hackers invaded the Bank of Uganda in 2024 and stole $16.8 million.
Cybercriminals are exploiting a patchwork of regulations and cybersecurity to make the continent a hub for drug trafficking from South America, wildlife trafficking to Asia, and online scams directed at Europe and North America. Additionally, foreign hackers, many of them based in China, play a growing role in online crime in Africa. “Criminal actors have been quick to exploit the gaps created by weak infrastructure, fragmented regulations, insufficient policy coordination and underdeveloped cybersecurity,” GI-TOC analysts reported.
Nearly one-third of all crimes in West Africa and East Africa in 2025 were cybercrimes. Overall, cybercrime cost African countries a collective $3 billion in lost business and damaged reputations, GI-TOC reported.
Holes in the continent’s cybersecurity network mean the scale of cybercrime across Africa is likely to be greatly underestimated, according to GI-TOC.
“This means that the cases that make the headlines represent a small fraction of the complete picture,” researchers wrote.
Cybercrime investigations often are hamstrung by a lack of cross-border cooperation, a shortage of digital forensic tools, and the ability to get key information from foreign-owned internet providers. The result is stalled or inconclusive investigations and countries exposed to transnational criminal networks, according to GI-TOC.
“Unless cybersecurity becomes a fundamental component of Africa’s development strategies instead of a reactive policy response, cybercrime will continue to outpace enforcement, undermining the continent’s digital future before its full potential can be realised,” the report said.