Cyber crime has entered a new era of industrialisation and Africa, with its vast base of small and medium-sized enterprises (SMEs), is emerging as one of the most vulnerable regions.
This is the stark warning from Orange Cyberdefense in its newly released Security Navigator 2026 report, based on analysis of over 139,000 security incidents recorded globally between October 2024 and September 2025.
The report, made public yesterday, reveals that cyber extortion (Cy-X) has exploded worldwide, with more than 19,000 organisations victimised since 2020, a threefold increase. SMEs, which dominate Africa’s economic landscape and account for an estimated 80–90% of businesses across the continent, suffer two-thirds of all Cy-X attacks.
According to the report, Africa’s Cy-X cases rose 47%, part of a broader surge also seen in Latin America (+60%) and Asia (+82%).
Orange’s cyber defence unit say attackers increasingly use SMEs as stepping stones into larger supply chains, amplifying the economic shockwaves across regions.
Charl van der Walt, Head of Security Research at Orange Cyberdefense, underlined that the threat environment is shifting faster than organisations can adapt. “As attackers diversify across geographies and business sizes, what’s clear is that the traditional perception of the ‘supply chain’ as linear is obsolete. In reality, we exist within a dense web of interdependence where a single weakness can enable mass compromise,” he said.
Van der Walt also highlighted that critical sectors on the continent, such as health, finance, transport and distribution, mirror global trends in recording increases of between 67% and 80%.
Orange attributes the escalation to the industrialisation of cyber crime, driven by the rise of crime-as-a-service marketplaces and the integration of AI tools that automate malware development and speed up exploitation. What was once the realm of elite criminal groups has splintered into a chaotic ecosystem of nearly 90 active threat actors, almost triple the number identified five years ago.
But the danger is no longer purely technical. The Security Navigator 2026 Report shows that the danger is no longer purely technical as cyber crime is now deeply intertwined with geopolitics.
State-backed groups, hacktivists and organised criminal networks are blurring together, carrying out disinformation campaigns, DDoS attacks and targeted manipulation designed to destabilise public opinion and weaken national institutions.
Despite the grim outlook, the research highlights a positive trend of growing global cooperation. It highlights that between 2021 and mid-2025, nearly 30% of operations led to arrests and 17% to infrastructure takedowns.
Share