Nigeria Ranks Third in Africa for Ransomware Threat Detections in 2024 — INTERPOL
Nigeria is now the third most affected country in Africa when it comes to ransomware threat detections, recording 3,459 incidents in 2024, according to the 2025 Africa Cyberthreat Assessment Report by INTERPOL.
The report highlights the growing scale and sophistication of cyber-enabled crime in Africa, with ransomware attacks posing a significant threat to governments, businesses, and individuals.
Top 10 African Countries by Ransomware Detections in 2024
The INTERPOL report lists the countries most impacted by ransomware attacks in 2024:
- Egypt – 17,849 detections
- South Africa – 12,281 detections
- Nigeria – 3,459 detections
- Kenya – 3,030 detections
- Gambia – 1,729 detections
- Ghana – 1,671 detections
- Tunisia – 1,232 detections
- Algeria – 1,117 detections
- Morocco – 1,076 detections
- Ethiopia – 953 detections
The data, sourced from INTERPOL’s private sector partners, reflects monthly increases in ransomware detection and underlines the vulnerability of Africa’s increasingly digital infrastructure.
Ransomware Attacks on the Rise Across Africa
According to INTERPOL, ransomware is one of the top cyber threats in Africa, along with business email compromise (BEC), online scams, and sextortion. The continent’s most digitised economies are often the hardest hit due to their expansive online footprints and insufficient cybersecurity infrastructure.
Cybercrime now accounts for over 30% of reported crimes in West and East Africa, according to data.
High-Profile Cyberattacks in 2024
In 2024, ransomware attacks caused significant damage across key sectors, including:
- Finance
- Government
- Energy and infrastructure
- Healthcare
- Telecommunications
Notable Incidents:
- Flutterwave (Nigeria): Hackers reportedly stole $7 million in April 2024.
- ENEO (Cameroon): Suffered power management disruptions.
- Kenya’s Urban Roads Authority (KURA): Experienced a major data breach.
- Nigeria’s National Bureau of Statistics (NBS): Attacked in December 2024.
- South Africa’s Department of Defence: Lost 1.6 TB of sensitive data in a Snatch ransomware attack.
- Telecom Namibia: Data breach impacted over 619,000 clients, leaking 626.3 GB of personal and institutional data.
Ransom Demands and Financial Impact
Ransom demands typically ranged from tens of thousands to millions of dollars, often payable in cryptocurrency. Victims faced:
- Costly recovery processes
- Extended business downtime
- Revenue losses
- Long-term reputational damage
Major Ransomware Gangs Targeting Africa
1. LockBit
- A Ransomware-as-a-Service (RaaS) syndicate
- Behind the Government Employees Pension Fund (GEPF) breach in South Africa
- Despite international crackdowns, LockBit remained highly active throughout 2024
2. Hunters International
- Focuses on telecom, financial, and government sectors
- Breached KURA (Kenya) and Telecom Namibia in 2024
- Known for stealth attacks and public leaks of stolen data
3. BlackSuit
- Responsible for a devastating ransomware attack on South Africa’s National Health Laboratory Service (NHLS) in June 2024
- Disrupted diagnostics and compromised over 1 TB of sensitive health data
- Highlighted the public safety risks associated with healthcare cyberattacks
Nigeria’s Cybersecurity Challenges
Nigeria’s ranking underscores the country’s vulnerability to cyberattacks, especially given its rapid digitisation across sectors. Despite growing awareness, challenges remain, including:
- Limited security infrastructure
- Low cybersecurity awareness
- Gaps in legal and policy frameworks
Key Takeaways
- Nigeria ranks 3rd in Africa for ransomware threat detections in 2024 (3,459 cases)
- Ransomware is one of Africa’s most dangerous cyber threats, affecting critical sectors
- High-profile attacks include Flutterwave, NBS, and ENEO
- LockBit, Hunters International, and BlackSuit are among the leading threat actors
- Cybercrime in Africa is rising rapidly, demanding urgent regional cooperation and stronger cybersecurity protocols
