Africa has emerged as the most targeted region in the world for cyberattacks, with organisations across the continent facing an average of 2,902 attacks per week in September 2025, according to a new report by Check Point Research.
The Global Threat Intelligence Report, released by Check Point Research — the threat intelligence arm of Check Point Software Technologies Ltd. — revealed that the telecommunications, government, and consumer goods and services sectors were the hardest hit in Africa.
Among individual countries, Angola recorded the highest average number of weekly attacks, with 3,045 per organisation, followed by Kenya with 3,000, Nigeria with 2,749, and South Africa with 2,054.
Regional Director for Africa at Check Point Software Technologies, Lorna Hardie, said the increasing use of generative artificial intelligence (GenAI) was driving many of the new cyber incidents.
“As Africans, we are deeply concerned about the continent’s vulnerability to cyberattacks, especially as many of the incidents in September were prompted by the use of generative AI,” Hardie said.
“The only sustainable defence is a prevention-first strategy powered by real-time AI — ensuring protection across networks, clouds, endpoints, and digital identities.”
Globally, organisations faced an average of 1,900 weekly cyberattacks in September — far lower than Africa’s average — underscoring how exposed the continent has become to digital threats.
The report noted that the growing adoption of GenAI tools in workplaces has introduced new risks, with one in every 54 AI prompts carrying a high risk of leaking sensitive data. It added that 91 per cent of organisations using GenAI tools were exposed to these risks, and 15 per cent of AI-generated prompts contained private or proprietary information such as customer data or internal code.
Check Point’s Data Research Manager, Omer Dembinsky, said while the total number of cyberattacks had dipped slightly, their sophistication and impact were intensifying.
“September’s data shows that while the volume of attacks has eased a bit, their impact and complexity are growing,” he said. “Ransomware remains the most destructive cyber threat, while GenAI-related data leaks are emerging as a major new risk for organisations.”
According to the report, the education sector remained the most targeted globally, suffering an average of 4,175 weekly attacks per organisation, followed by telecommunications and government institutions with 2,703 and 2,512 attacks respectively.
Other regions also faced significant threats. Latin America recorded an average of 2,826 attacks per organisation each week, followed by the Asia-Pacific region with 2,668, Europe with 1,577, and North America with 1,468. North America also saw a 17 per cent year-on-year increase in ransomware incidents.
Ransomware attacks surged globally, with 562 publicly reported incidents in September — a 46 per cent jump compared to the same period last year. North America accounted for 54 per cent of all reported cases, while Europe made up 19 per cent.
Read Also;
Police vow safer digital space, mobilise public against cyber threats
The report identified Qilin, Play, and Akira as the three most active ransomware groups, collectively responsible for over 30 per cent of all known attacks. Qilin, a major Ransomware-as-a-Service operator, continues to expand aggressively, while Play and Akira have shifted focus towards manufacturing and business services using advanced encryption tactics.
Check Point warned that as GenAI becomes more integrated into business operations, organisations must adopt stronger governance structures and proactive cybersecurity measures to prevent data leaks and large-scale breaches.
“Only a prevention-first approach can help organisations stay ahead and protect critical systems from relentless adversaries,” Hardie added.
Check Point Software Technologies — a Nasdaq-listed cybersecurity company — provides AI-driven protection to more than 100,000 organisations globally through its Infinity Platform and ThreatCloud intelligence network.
