Nigerian Organizations Battling 3,759 Cyber Attacks Weekly – Report

Nigeria, Africa’s largest economy, continues to face an onslaught of cyber attacks, with organizations experiencing an average of 3,759 incidents per week.

This figure is significantly higher than the global weekly average of 1,876, according to Check Point Software Technologies’ 2024 African Perspectives on Cyber Security report.

The report highlighted the nation’s vulnerability as it accelerates digital transformation in key sectors including finance, government and education.

Ransomware has emerged as the dominant cyber threat, targeting both public and private entities by exploiting zero-day vulnerabilities.

Other significant threats include botnets, information thieves and banking malware, which have become increasingly sophisticated in targeting financial data and network infrastructure.

The report said: “Nigeria continues to experience one of the highest frequencies of cyber attacks in Africa, with organizations being attacked an average of 3,759 times per week. This alarming statistic highlights the urgent need for robust cyber security measures to protect critical sectors, particularly finance, government and healthcare.

“In 2024, ransomware has become the most important cyber threat in Nigeria, with attacks exploiting zero-day vulnerabilities and causing widespread damage to both public and private entities. In addition, botnets, identity thieves and banking malware remain persistent threats, with attackers increasingly targeting network infrastructure and financial data.”

Nigeria’s financial sector the worst hit

Nigeria’s financial sector is the worst of these cyber attacks, experiencing an average of 4,718 incidents per week, the highest of any sector.
This alarming frequency stems from weak multi-factor authentication systems and outdated banking infrastructure.
A case study in the report highlighted a major breach in March 2024, where a phishing attack compromised more than 10,000 accounts at a major Nigerian bank.
Attackers used the Emotet Trojan to infiltrate financial systems, resulting in a loss of $3 million and a sharp drop in the bank’s stock value.

In the case study, the report noted: “The banking trojan allowed attackers to gain unauthorized access to critical financial systems, leading to the theft of millions of naira from customer accounts. The bank’s internal investigation revealed that more than 10,000 customer accounts were compromised, and the total financial loss was estimated at approximately $3 million. The attack caused significant damage to the bank’s reputation, leading to a loss of customer confidence and a sharp drop in share prices.”

Government and education sectors under siege

Government institutions face an average of 1,791 cyber attacks per week, with ransomware and botnets representing the most significant threats.
Exploited vulnerabilities such as remote code execution and information disclosure have left this sector particularly exposed. Public sector attacks often aim to disrupt economic operations with substantial national security implications.
Similarly, the education sector endures 1,682 attacks per week, mainly through phishing schemes and malware infections.
Lack of cybersecurity training for staff and students exacerbates vulnerabilities, making academic institutions easy targets for hackers.

What you should know

The report also highlighted a broader trend of increasing sophistication of cyber threats in Nigeria. With Africa experiencing a 90% year-on-year increase in ransomware attacks, Nigeria’s growing reliance on digital platforms makes it a prime target. Threat actors have begun to use advanced technologies such as generative artificial intelligence to improve the accuracy of phishing campaigns and malware development.
The report calls for urgent reforms in financial systems, including the adoption of advanced authentication protocols and regular security audits. While the Central Bank of Nigeria (CBN) introduced a cyber security levy to fund enhanced defence, the move faced public resistance, leading to a significant rate cut.
Advanced AI-based solutions are also being deployed to strengthen the nation’s defenses, but the report underscores the need for sustained investment in cybersecurity infrastructure. Recommendations include implementing stronger encryption protocols, adopting advanced threat detection technologies, and conducting ongoing cyber security awareness campaigns.