- Two-thirds of African member countries said cyber-related offences accounted for a medium-to-high share of all crimes.
- Cyber crime accounts for more than 30% of all reported crime in Western and Eastern Africa.
- Online scams, ransomware, business e-mail compromise and digital sextortion are the most reported cyber threats.
- Ninety percent of African countries report needing ‘significant improvement’ in law enforcement or prosecution capacity.
A growing share of reported crimes in Africa is cyber-related, according to INTERPOL’s 2025 Africa Cyberthreat Assessment Report.
Two-thirds of the organisation’s African member countries surveyed said that cyber-related crimes accounted for a medium-to-high share of all crimes, rising to 30% in Western and Eastern Africa.
Online scams, particularly through phishing, were the most frequently reported cyber crimes in Africa, while ransomware, business e-mail compromise (BEC) and digital sextortion also remain widespread.
Neal Jetton, INTERPOL Cybercrime Director, said: “This fourth edition of the INTERPOL African Cyberthreat Assessment provides a vital snapshot of the current situation, informed by operational intelligence, extensive law enforcement engagement and strategic private-sector collaboration. It paints a clear picture of a threat landscape in flux, with emerging dangers like AI-driven fraud that demand urgent attention. No single agency or country can face these challenges alone.”
Ambassador Jalel Chelba, Acting Executive Director of AFRIPOL, said: “Cyber security is not merely a technical issue; it has become a fundamental pillar of stability, peace and sustainable development in Africa. It directly concerns the digital sovereignty of states, the resilience of our institutions, citizen trust and the proper functioning of our economies.”
Africa’s top cyber threats
In the past year, suspected scam notifications rose by up to 3 000% in some African countries, according to data from Kaspersky – one of several private sector partners that works with INTERPOL’s cyber crime directorate.
Ransomware detections in Africa also rose in 2024, with South Africa and Egypt suffering the highest number, at 17 849 and 12 281 detections respectively, according to data from Trend Micro, followed by other highly digitised economies such as Nigeria (3 459) and Kenya (3 030).
Incidents included attacks on critical infrastructure, such as a breach at Kenya’s Urban Roads Authority (KURA), and on government databases, such as hacks of Nigeria’s National Bureau of Statistics (NBS).
BEC-related incidents also rose significantly, with 11 African nations accounting for the majority of BEC activity originating on the continent. In West Africa, BEC fraud has driven highly organised, multimillion-dollar criminal enterprises, such as transnational syndicate Black Axe.
Sixty percent of African member countries reported an increase in reports of digital sextortion, where threat actors use sexually explicit images to blackmail their targets. The images can be authentic – shared voluntarily or obtained through coercion or deception – or they can be generated by artificial intelligence.
Law enforcement challenges
Cyber crime continues to outpace the legal systems designed to stop it, according to African law enforcement. Seventy-five percent of countries surveyed said their legal frameworks and prosecution capacity needed improvement.
At the same time, countries also reported struggling to enforce the existing laws on cyber crime, with 95% of respondents reporting inadequate training, resource constraints and a lack of access to specialised tools.
Despite rising caseloads, most African member countries surveyed still lack essential IT infrastructure to combat cyber crime. Just 30% of countries reported having an incident reporting system, 29% a digital evidence repository and 19% a cyber threat intelligence database.
While cyber crime routinely crosses national borders, 86% of African member countries surveyed said their international co-operation capacity needs improvement due to slow, formal processes, a lack of operational networks and limited access to platforms and foreign-hosted data.
Cyber crime investigations increasingly rely on co-operation from private sector partners, yet 89% of African countries said their co-operation with the private sector needed ‘significant’ or ‘some’ improvement due to unclear channels for engagement, low institutional readiness and other barriers.
Strengthening cyber resilience
Nevertheless, the INTERPOL report also details positive steps that many African member countries have made to strengthen their cyber resilience.
Several African countries advanced their legal frameworks, harmonising cyber security laws with international standards. Many countries also enhanced their cyber crime response capabilities, investing in specialised units and digital forensics infrastructure.
This increased operational capacity was demonstrated in two high-impact international cyber crime operations co-ordinated by INTERPOL – Operation Serengeti and Operation Red Card – which collectively led to more than 1 000 arrests and the dismantling of hundreds of thousands of malicious networks.
To further improve Africa’s cyber crime response capabilities, the INTERPOL report proposes six strategic recommendations, including improving regional and international co-operation, expanding prevention and public awareness and leveraging emerging technologies.
INTERPOL's Africa Cyberthreat Assessment is part of the Organization’s African Joint Operation against Cybercrime (AFJOC) initiative, which is aimed at strengthening the capability of African law enforcement to prevent, detect, investigate and disrupt cyber crime. The AFJOC initiative is supported by the United Kingdom’s Foreign, Commonwealth and Development Office.
In addition to information gathered from INTERPOL member countries in Africa, the Assessment benefits from data contributed by private sector partners Bi.Zone, Group-IB, Kaspersky and Trend Micro.
Download the INTERPOL’s 2025 Africa Cyberthreat Assessment Report via the link below.
Share
