Africa grew in the 21st century with breathless velocity. Countries that struggle with basic infrastructure have now catapulted themselves into the mobile-first era. They literally bypassed intermediate technologies and built a digital ecosystem, which is as volatile as it is vibrant.
Today, there is a Silicon Savannah in Nairobi and a computer village in Lagos. They are infrastructure that were unthinkable just a decade ago. And as a result, the continent is brimming with chaotic and innovative energy.
The GDP growth of Africa is expected to reach around 4.1% by 2025. It is easily one of the fastest-growing regions on the planet. It might sound astounding, but if you take into consideration digital architecture, which includes 570 million users along with 855 million mobile data subscriptions, and if you also notice that the mobile money sector in the region accounts for an astonishing 74% of all global mobile money transactions, the maths adds up.
Of course, where there is growth, there are parasites. The hackers and cyber criminals are outpacing the defensive capabilities of the continent. These nefarious individuals and organisations are weaponising the same APIs, mobile payment gateways, cloud platforms, and other technological advancements that are facilitating the financial inclusion of the region.
There are several malicious groups to worry about, such as the local Yahoo Boys and international groups with state sponsorship, like the hacking group Anonymous Sudan.
This is what happens when you have high digital adoption and low cybersecurity maturity. There’s a gap that is perfect for criminals who want to siphon the continent’s economic gains. Nobody really knows how much of the economy is at risk, but there are even studies that claim that cybercrime causes Africa almost 10% of its GDP. There are conservative estimates that are also alarming, which tell us the number is in the billions. And more than money, reputation and structure are at risk.
The stakes can’t get any higher. Africa is trying to emulate the European Union (EU) through the African Continental Free Trade Area. This organisation, like the EU, is trying to bind the continent into a single market where people can move and trade freely. But this ambitious goal is under threat by cybercriminals.
The financial institutions in Nigeria lost over ₦52 billion to fraud in 2024 alone. And South Africa was dog-piled by ransomware attacks, which were striking with precision at its critical infrastructure. This is a theoretical and operational threat that affects everything about the economies of these nations. The breadth of the issue is so wide that it can affect the issuance of Kenyan visas and the stability of the Central Bank of Uganda.
The anatomy of digital boom
If you have to understand the magnitude of the cyber threat to Africa, you have to understand Africa’s digital story, which is unique in the history of economics. The West had to go through industrialisation over centuries, having to go through so many different types of technologies and slowly evolve into the economy it is today. For example, there were copper wires and land lines, desktop computing, and then mobile connectivity in Europe.
But Africa was colonial and far behind the times. When globalisation hit and technology was being transferred to every nook and corner of the world, Africans skipped telegrams, landline telephones, and desktop computers and jumped directly to the age of mobile connectivity. It is called the “leapfrog effect” and is most visible in the financial sector, which happens to be the bedrock of Africa’s identity. Look no further, in today’s sub-Saharan Africa, there are about 1.1 billion homes with registered mobile money accounts. That’s almost half the global total. And in 2024 alone, these platforms processed about 81 billion transactions, which can be valued at a staggering $1.1 trillion.
The mobile-centric architecture democratised finance, and millions of unbanked individuals are now in the formal economy, sending money to relatives in rural villages and paying for solar power or accessing microloans by pressing a few buttons.
Small and medium enterprises benefited greatly from this. Currently, they contribute about 50% of total GDP and constitute 95% of all registered businesses. Unfortunately, these SMEs are most vulnerable to these cyber attacks as they don’t have the resources to defend themselves and aren’t informed enough to take precautions.
The integration of technology into the daily life of common Africans essentially means that a cyber attack on Africa doesn’t just affect corporations and can also disrupt the subsistence of its citizens.
The infrastructure of vulnerability
The nations of Africa have prioritised speed over security when building digital infrastructures. And this is what industry experts call a maturity gap, where technology is built too fast to be secured. The continent’s digital growth is mostly driven by artificial intelligence, application programming interfaces (APIs), and cloud adoption. These technologies facilitate the connection of disparate financial services. However, they do come with systemic risks. For example, a third-party payment processor can be compromised, which would cascade into banks, telecom operators, government portals, and so on. It is a domino effect where all this interconnectivity creates a risk to the economy as a whole.
And the physical infrastructure supporting this massive boom is expanding at an astounding pace. There are investments in undersea cables, such as Google’s Equiano and Meta’s 2 Africa, and there is also a proliferation of local data centres, thus reducing latency and, of course, data costs too.
Security engineers believe that the modernisation of infrastructure, including shared digital infrastructure (SDI), where governments and companies pool resources, broadens the attack surface. The larger the system, the easier it is for it to fall.
The economic calculus of cybercrime
Determining the exact cost of cybercrime in Africa is difficult, as we discussed earlier. The UN Economic Commission for Africa has a disturbing statistic, pinning the losses at 10% of GDP. One must note that Africa’s GDP is around $2.8 trillion, which should imply that almost $300 billion is lost annually. Many economists are skeptical about this data, but if it’s true, it would mean that cybercrime is actually taking away more money than what is required to combat malaria and HIV combined.
INTERPOL doesn’t truly agree with the UN estimates and believes the direct losses must be in the range of $4 billion to $10 billion annually. While this isn’t the jaw-dropping 10% of GDP, it is still 0.15% to 2.13% of total GDP. To put things into perspective, Sierra Leone has a GDP of $4 billion, and this figure is an exact equivalent.
No matter the precise data, it’s an undeniably alarming trajectory. In Nigeria alone, financial institutions lost ₦52.26 billion to fraud in 2024. There was around a 7.63% increase in fraud cases. The attacks are becoming more precise, targeting high-value, high-net-worth individuals or organisations.
They are no longer casting a wide net, but spearing specific whales. The cost of data breaches in South Africa reached $2.95 in 2034 (one of the highest in the world) before slightly coming down to $2.45 million in 2035, due to better detection technologies.
The spectrum of threats
There is a wide array of attacks ranging from crude, volume-based to highly sophisticated and targeted campaigns. The spectrum can range from a lone hacker in a cafe to a state-sponsored operative from a distant capital.
Ransomware was just a nuisance once upon a time, but it’s one of the most dominant threats in the economy right now, with South Africa and Egypt bearing most of the brunt of the assault.
In 2024, South Africa reported approximately 18,000 ransomware detections, closely followed by Egypt with around 12,000. Both Nigeria and Kenya also experienced significant threats, with thousands of incidents occurring.
Most of the targets are strategic and high-value. Hackers usually target critical infrastructure, government databases, or major financial institutions. And they also encrypt data to paralyse operations of an organisation or individual and demand a ransom for not blackmailing victims with threats to leak their private data to the public. Organisations like Kenya’s Urban Roads Authority (KURA) and Nigeria’s National Bureau of Statistics (NBS) are prime examples of organisations that had to pay due to ransomware attacks.
And then there is business email compromise (BEC) and phishing. Phishing is still the primary vector for initial access. Phishing victims in Africa rose from 26% to 32% in 2024. In BEC attacks, which usually follow phishing, fraudsters compromise legitimate email accounts of executives or finance officers and authorise fraudulent wire transfers. It’s most prevalent in West Africa, where there are criminals who have honed their skills over decades.
Digital sextortion is one of the worst forms of cyberattacks. Criminals often use explicit images generated with AI to blackmail victims. With the rise of AI, criminals no longer need real photos; they can use deepfake technologies to blackmail anyone sensitive about their public image. This can disproportionately affect women and public figures.
And finally, there is DDoS. DDoS, or distributed denial of service attacks, has moved beyond vandalism to become a real tool of geopolitical coercion. The high-profile attack by Anonymous Sudan against Kenya’s digital infrastructure in 2023 and 2024 exemplified this shift. Although they claim those attacks were political and for the benefit of the nation of Sudan, security researchers believe Anonymous Sudan may have ties to Russian cybercrime ecosystems like KillNet. This connection was observed when they targeted Kenya’s eCitizen platform, M-PESA services, and power utilities. The attack was so humiliating for Kenya because they were issuing digital visas, which no longer worked, and they had to roll back to issuing visas on arrival. It caused so much chaos in Nairobi without even firing a shot.
Of course, things are at their worst when there is a spy or a colluder in your organisation. For example, Access Bank in Nigeria lost over 800 million Naira because of an employee who was colluding with cybercriminals. If you have underpaid or disgruntled employees, criminals might recruit them to work as insiders.
The insider threat is very difficult to detect because no amount of sophisticated monitoring of the digital infrastructure is going to prevent internal sabotage. Employees might be tempted to sell their credentials if they are going to be paid much more by a criminal than by their employer, especially in poor regions like Africa.
The future of defence
The future of cybersecurity is defined by the sovereignty of data. We are going to see a lot of data nationalism rise, where nations demand that their data be stored locally. This might complicate the operations of global tech giants, but it will spur the growth of local cloud infrastructure.
Rwanda’s Data Governance Policy is a good example of this. However, we are playing a game of catch-up as quantum computing is moving too fast; any current encryption standard is easily overcome by hackers in a matter of weeks or months. Even if Africans use the current technology available in Europe, by the time they implement it, they will be left behind by all the technological advancements happening in the world and adopted by malicious actors. If they want to be ahead of the game, they have to prepare for post-quantum cryptography.
Experts like Dr. Bright Gameli Mawudor predict that attacks will be fully automated, meaning the hacker will be an AI in the near future rather than a human being. He also warns that automated scripts could theoretically compromise national central banks if there are vulnerabilities, suggesting that the future of war is going to be machine against machine, where humans are either spectators or victims.