Nigerian organisations recorded the highest number of cyber-attacks in Africa in January 2026, averaging 4,701 attacks per organisation per week.
This is according to the latest Global Threat Intelligence report by Check Point Research.
The figure represents a 12% year on year increase and a rise from 4,622 weekly attacks recorded in December 2025, underscoring intensifying cyber pressure on Africa’s largest economy.
The report shows that Nigeria not only leads the continent in attack volume among the four African countries surveyed, but also significantly exceeds the continental average of 2,864 attacks per organisation per week.
What the data is saying
Check Point Research data shows that organisations globally faced an average of 2,090 cyber-attacks per week in January.
This marks a 3% increase from December and a 17% year on year rise, highlighting sustained escalation in cyber threats worldwide.
- “Among the four African countries included in the January insights, Nigeria had the highest number of attacks at 4,701 per organisation per week, a 12% YoY increase. This was up from 4,622 in December 2025,” the report stated.
Within Africa, Angola followed Nigeria with 4,512 attacks per organisation per week, though this represented a 7% year on year decline.
Kenya recorded 2,172 weekly attacks, down 41% year on year, while South African organisations faced 2,145 weekly attacks, up 36% compared to the same period last year.
- Overall, Africa recorded an average of 2,864 attacks per organisation weekly, a 6% year on year decline. However, the drop masks significant country-level disparities, with Nigeria and South Africa experiencing notable increases.
More insights
The most targeted sectors across Africa were Government, Financial Services, and Consumer Goods and Services, industries that manage sensitive citizen data, financial transactions, and critical supply chains.
Ian van Rensburg, Head of Security Engineering for Africa at Check Point Software Technologies, warned that the numbers reflect a shift in both scale and sophistication.
- “January’s data shows that cyber-attacks are not only increasing but becoming more refined and opportunistic,” he said.
He added that African organisations accelerating digital transformation must ensure their cybersecurity frameworks keep pace with technology adoption.
- “Unchecked GenAI usage is opening new blind spots for organisations. Prevention first, real time protection powered by AI is the only effective way to stop attacks before they cause operational or financial damage,” he said.
GenAI adoption creates new vulnerabilities
The report flagged the rapid uptake of Generative AI tools as a growing security risk. According to Check Point, one in every 30 GenAI prompts submitted from corporate networks in January posed a significant risk of exposing sensitive data.
- The exposure risk affected 93% of organisations using GenAI tools.
- Prompts frequently contained internal documents, personal identifiers, customer information, and proprietary source code.
- On average, organisations used 10 different GenAI tools monthly, many operating outside formal governance structures.
This fragmented usage increases the likelihood of accidental data leaks, ransomware infiltration, and AI powered cyber-attacks, particularly in markets like Nigeria where digital adoption is accelerating across banking, fintech, telecoms and public services.
Globally, the Education sector remained the most attacked industry, with institutions facing an average of 4,364 weekly attacks per organisation, up 12% year on year.
Government entities followed with 2,759 weekly attacks, while Telecommunications ranked third with 2,647 attacks per week, reflecting growing threats to connectivity infrastructure and 5G ecosystems.
What you should know
The rising cyber-attacks against Nigerian organisations have been a major concern, even to the government.
- In response to this, Nairametrics reported that the government plans to roll out a new cybersecurity framework this year to curb rising AI-driven cyberattacks on banks, businesses and government agencies.
- According to the Director-General of the National Information Technology Development Agency, Kashifu Inuwa, the cybersecurity framework, expected to be implemented later this year, will require organisations operating in Nigeria to meet minimum cybersecurity spending thresholds.
- He said many companies currently underinvest in cybersecurity because they assume they are unlikely targets.
The framework will also introduce mandatory timelines for reporting data breaches, systems for sharing threat intelligence between the public and private sectors, and coordinated response protocols for major cyber incidents.
