Africa has emerged as the most targeted region for cyberattacks globally, with organisations on the continent facing an average of 2,902 weekly attacks in September 2025, according to the latest Global Threat Intelligence Report by Check Point Research, the threat intelligence arm of Check Point Software Technologies Ltd.
The report revealed that telecommunications, government, and consumer goods and services sectors were the most targeted across the continent, reflecting a growing digital threat landscape driven by emerging technologies.
Among African countries, Angola recorded the highest number of weekly cyberattacks per organisation with 3,045, followed by Kenya with 3,000, Nigeria with 2,749, and South Africa with 2,054. This figure dwarfs the global average of 1,900 weekly attacks, highlighting the region’s elevated exposure to cyber threats compared to other parts of the world.
Regional Director for Africa at Check Point Software Technologies, Lorna Hardie, attributed much of the surge to the increasing use of generative artificial intelligence tools, which have introduced new vulnerabilities. “As Africans, we are deeply concerned about the continent’s vulnerability to cyberattacks, especially as many of the incidents in September were prompted by the use of generative AI,” Hardie said. “The only sustainable defence is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities.”
The report indicated that the rise of GenAI tools within enterprises has escalated data leakage risks, with one in every 54 AI prompts posing a high risk of exposing sensitive information. It noted that 91 per cent of organisations using GenAI tools regularly experienced such risks, while 15 per cent of prompts contained sensitive information such as customer data or proprietary code.
Data Research Manager at Check Point Research, Omer Dembinsky, said that while the overall volume of attacks slightly decreased, their impact and sophistication intensified, with ransomware remaining the most destructive threat. “September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying,” Dembinsky said.
Globally, the education sector remained the most targeted industry, with an average of 4,175 weekly attacks per organisation, followed by telecommunications and government sectors, which recorded 2,703 and 2,512 weekly attacks respectively.
The report also highlighted ransomware’s growing prevalence, with 562 publicly reported incidents globally in September, marking a 46 per cent year-on-year increase. North America accounted for 54 per cent of these cases, while Europe represented 19 per cent. The Qilin, Play, and Akira ransomware groups were identified as the most active, responsible for over 30 per cent of known attacks, with Qilin continuing to expand aggressively as a Ransomware-as-a-Service group.
Check Point warned that the increasing integration of GenAI into enterprise environments required stronger governance frameworks and proactive cybersecurity strategies to safeguard against data exposure and evolving threats. “Only through a prevention-first approach can organisations stay ahead and protect critical operations from relentless adversaries,” Hardie added.
Check Point Software Technologies, listed on Nasdaq, provides AI-powered cybersecurity solutions to more than 100,000 organisations worldwide through its Infinity Platform and ThreatCloud threat intelligence network.
