African countries are fast becoming a target for cyber criminals.

Ethiopia is Africa’s biggest cyber crime target, and ranks second globally; that’s according to the Global Threat Index for June 2024, released by Check Point, which assessed 112 countries.

Other African countries to feature prominently on the list are Zimbabwe, which ranks third globally, while Angola and Kenya place sixth and ninth respectively.

Seven African countries rank in the top 20 most attacked, while the biggest economy on the continent, South Africa, ranks 61, and Egypt ranks as the least attacked of the African countries surveyed.

Check Point’s rankings highlight the critical importance of cyber security readiness for African businesses and organisations.

The company stated, despite ongoing efforts to bolster defences, the dynamic and evolving threat landscape continues to pose significant risks.

In June 2024, the top malware families impacting Africa included Phorpiex, infamous for orchestrating large-scale spam campaigns, particularly active in Mozambique, Nigeria and Zimbabwe.

Another is Expiro, a polymorphic file infector that steals user and system information, compromising data integrity across Nigeria and Zimbabwe.

Qbot is a multifunctional malware that facilitates credential theft, ransomware delivery and backdoor access, posing significant risks to organisations in South Africa and Zimbabwe.

And last on the list, FakeUpdates (SocGholish) is a downloader malware leading to further infections by deploying additional malware strains, including ransomware, across South Africa and Nigeria.

Check Point notes that government agencies and the military, financial institutions, utilities, communications and education/research have been the most targeted.

Issam El Haddaoui, engineering manager for Africa, Check Point Security, said the statistics show that African organisations must adopt a proactive approach to cyber security.

“Leveraging advanced threat intelligence, robust defence mechanisms, and comprehensive incident response plans are essential steps to mitigate the risks posed by cyber threats.”