With cyber crime now officially ranked as the top business risk in South Africa, NEC XON has issued a critical alert about the dual threat of massive credential theft and AI-powered cyber attacks sweeping across the region. With rising incidents and evolving threat tactics, NEC XON is calling on organisations to rethink security from a static, reactive necessity to a strategic, AI-driven business imperative.
“Credentials have become the skeleton key to an organisation’s digital assets,” says Armand Kruger, Head of Cybersecurity at NEC XON. “We’ve uncovered over 10 000 compromised South African credentials on the dark web during recent client assessments. That’s not just a statistic – it’s an open invitation to attackers.” These credentials are harvested using malware known as credential stealers, which infect devices such as smartphones and computers to extract all stored login information – whether saved in browsers or on the device itself. Cyber adversaries use these stolen credentials to access services such as online banking and other consumer platforms, take over accounts and cause significant harm.
Attackers’ favourite entry point
According to the IBM 2024 Cost of a Data Breach Report, compromised credentials are now the most common entry point for attackers in South Africa, responsible for 17% of breaches and costing companies an average of R56 million per incident. The scale is equally alarming at the human level: Mimecast’s 2024 research shows that 40% of breaches are caused by human error – often through phishing and stolen passwords – yet only 22% of companies provide ongoing cyber security training.
Kruger explained that in several vulnerability assessments, NEC XON traced stolen credentials to South African domains and active infrastructure – with no multi-factor authentication in place. “It’s like leaving the front door open and being shocked when someone walks in.” Corporate credentials are often used to access remote services such as RDP and VPN on corporate networks, enabling attackers to gain an initial foothold in the environment – a common tactic employed by ransomware operators targeting enterprises.
Cyber criminals are calling in AI – so should you
And now, attackers are calling in the cavalry: AI. According to the World Economic Forum Artificial Intelligence and Cybersecurity Report (2025), AI has democratised cyber crime, giving attackers tools to scale up phishing campaigns, automate social engineering and develop adaptive malware. NEC XON confirms this shift.
“Cyber criminals are no longer working harder – they’re working smarter with AI,” says Kruger. “That’s why traditional security models are failing. They simply don’t have the resources or speed to keep up.”
The Kaspersky IT Security Economics Report (2025) echoes these concerns, revealing a 26% rise in password-stealing malware across Africa in 2024. Picus Labs’ Red Report 2025 noted a 300% surge in credential theft. The solution, Kruger argues, is to match AI with AI.
“Cyber security shouldn’t be a grudge purchase. It is a business continuity asset. We work to integrate advanced AI technologies to move beyond detection – towards proactive, adaptive, business-aligned protection. Cyber security is fundamentally about risk management – it's centred on building resilience, the ability to withstand and recover from cyber attacks,” explains Kruger.
Ideally, AI-driven security solutions should include:
- Real-time threat detection and response – automated investigations allow human experts to shift focus from damage control to prevention.
- Business risk quantification – aligning security with operational goals improves resilience and reduces cost.
- Optimised security spend – AI efficiencies deliver strong protection without waste.
“Our own managed detection and response (MDR) team recently demonstrated this in action. AI systems intercepted a ransomware threat to a client’s systems by automatically quarantining the malware, disabling compromised credentials and isolating the endpoint before any damage was done – with no human intervention required. Cyber criminals don’t wait for board meetings, technical evaluation criteria, RFPs, change control or operational reviews to assess capabilities – they act with curiosity and intent, constantly probing to see how far functionality can be exploited,” says Kruger. “That’s why AI in cyber security isn’t optional anymore – it’s a business investment.”
Security visibility is another major focus. A trusted partner should deliver AI-driven cyber security as a real-time, consumption-based service, including:
- Live dashboards
- Instant response reports
- Collaboration tools that break down digital silos
“Ultimately, it’s about delivering cyber security that protects and enables the business – not just checking boxes,” said Kruger. “We work hand in hand with customers to understand their risk, define measurable goals and implement intelligent protection.” The future, Kruger says, is cyber anticipation. “You need to see the threat before it knocks. Proactive foresight and actionable intelligence are essential pillars of institutional resilience. And with the right AI-powered systems in place, you can.”
Share
NEC XON
NEC XON is a leading African integrator of ICT solutions and part of NEC, a Japanese global company. The holding company has operated in Africa since 1963 and delivers communications, energy, safety, security, and digital solutions. It co-creates social value through innovation to help overcome serious societal challenges. The organisation operates in 54 African countries and has a footprint in 16 of them. Regional headquarters are located in South, East, and West Africa. NEC XON is a level 1-certified broad-based black economic empowerment (B-BBEE) business. Discover more at www.nec.africa.