Africa records highest weekly cyberattacks amid GenAI surge

Africa has been ranked as the most targeted region for cyberattacks globally, with organisations on the continent facing an average of 2,902 attacks per week in September, according to the latest report from Check Point Research.

The Global Threat Intelligence Report by Check Point Research, the threat intelligence arm of Check Point Software Technologies Ltd., revealed that telecommunications, government, and consumer goods and services sectors were the most targeted industries across Africa.

According to the report, Angola recorded the highest number of weekly attacks with 3,045 per organisation, followed by Kenya with 3,000, Nigeria with 2,749, and South Africa with 2,054.

Regional Director for Africa at Check Point Software Technologies, Lorna Hardie, said many of the attacks were linked to the growing use of generative artificial intelligence.

As Africans, we are deeply concerned about the continent’s vulnerability to cyberattacks, especially as many of the incidents in September were prompted by the use of generative AI,” Hardie said.

“The only sustainable defence is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities.”

Globally, organisations faced an average of 1,900 cyberattacks per week in September, highlighting the scale of Africa’s exposure relative to other regions

Check Point Research said the rise in GenAI tools across enterprises has introduced new risks, with one in every 54 AI prompts posing a high risk of sensitive data leakage. The report added that 91 per cent of organisations using GenAI tools regularly were affected by such risks, while 15 per cent of prompts contained potentially sensitive information, such as customer details or proprietary code.

Data Research Manager at Check Point Research, Omer Dembinsky, said the overall number of attacks had eased slightly, but their impact and sophistication continued to intensify.

September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying,” Dembinsky said. “Ransomware remains the most destructive force, while the emergence of GenAI-related data leakage adds a new dimension of risk for organisations.”

The report also showed that the education sector remained the most targeted globally, experiencing an average of 4,175 weekly attacks per organisation, followed by the telecommunications and government sectors with 2,703 and 2,512 attacks, respectively.

While Africa recorded the highest regional average, other parts of the world were not spared. Latin America reported 2,826 weekly attacks per organisation, followed by Asia-Pacific with 2,668, Europe with 1,577, and North America with 1,468, the latter recording a 17 per cent year-on-year surge driven by ransomware incidents.

Ransomware accounted for 562 publicly reported incidents globally in September, marking a 46 per cent increase year-on-year. North America was the most affected, representing 54 per cent of all reported cases, while Europe accounted for 19 per cent.

The report identified Qilin, Play, and Akira as the leading ransomware groups, collectively responsible for over 30 per cent of known attacks.

Qilin, one of the most active Ransomware-as-a-service groups, continues to expand aggressively, while Play and Akira increasingly target manufacturing and business services using advanced encryption methods.

Check Point warned that the rising integration of GenAI into enterprise environments required stronger governance and proactive cybersecurity frameworks to prevent data exposure.

“Only through a prevention-first approach can organisations stay ahead and protect critical operations from relentless adversaries,” Ms. Hardie said.

Check Point Software Technologies, a Nasdaq-listed cybersecurity firm, provides AI-powered solutions protecting more than 100,000 organisations worldwide through its Infinity Platform and threat intelligence network, ThreatCloud.