- Cybercrime accounts for more than 30 per cent of all reported crime in Western and Eastern Africa.
- Online scams, ransomware, business email compromise and digital sextortion are the most reported cyberthreats.
- 90 per cent of African countries report needing ‘significant improvement’ in law enforcement or prosecution capacity.
LYON, France: A growing share of reported crimes in Africa is cyber-related, according to INTERPOL’s 2025 Africa Cyberthreat Assessment Report.
Two-thirds of the Organization’s African member countries surveyed said that cyber-related crimes accounted for a medium-to-high share of all crimes, rising to 30 per cent in Western and Eastern Africa.
Online scams, particularly through phishing, were the most frequently reported cybercrimes in Africa, while ransomware, business email compromise (BEC) and digital sextortion also remain widespread.
Neal Jetton, INTERPOL Cybercrime Director, said:
“This fourth edition of the INTERPOL African Cyberthreat Assessment provides a vital snapshot of the current situation, informed by operational intelligence, extensive law enforcement engagement and strategic private-sector collaboration. It paints a clear picture of a threat landscape in flux, with emerging dangers like AI-driven fraud that demand urgent attention. No single agency or country can face these challenges alone.”
Ambassador Jalel Chelba, Acting Executive Director of AFRIPOL, said:
“Cybersecurity is not merely a technical issue; it has become a fundamental pillar of stability, peace, and sustainable development in Africa. It directly concerns the digital sovereignty of states, the resilience of our institutions, citizen trust and the proper functioning of our economies.”
Africa’s top cyberthreats
In the past year, suspected scam notifications rose by up to 3,000 per cent in some African countries, according to data from Kaspersky – one of several private sector partners that works with INTERPOL’s cybercrime directorate.
Ransomware detections in Africa also rose in 2024, with South Africa and Egypt suffering the highest number, at 17,849 and 12,281 detections respectively according to data from Trend Micro, followed by other highly digitized economies such as Nigeria (3,459) and Kenya (3,030).
Incidents included attacks on critical infrastructure, such as a breach at Kenya’s Urban Roads Authority (KURA), and on government databases, such as hacks of Nigeria’s National Bureau of Statistics (NBS).
BEC-related incidents also rose significantly, with 11 African nations accounting for the majority of BEC activity originating on the continent. In West Africa, BEC fraud has driven highly organized, multi-million-dollar criminal enterprises, such as transnational syndicate Black Axe.
Sixty per cent of African member countries reported an increase in reports of digital sextortion, where threat actors use sexually explicit images to blackmail their targets. The images can be authentic – shared voluntarily or obtained through coercion or deception – or they can be generated by artificial intelligence.
Law enforcement challenges
Cybercrime continues to outpace the legal systems designed to stop it, according to African law enforcement. Seventy-five per cent of countries surveyed said their legal frameworks and prosecution capacity needed improvement.
At the same time, countries also reported struggling to enforce the existing laws on cybercrime, with 95 per cent of respondents reported inadequate training, resource constraints and a lack of access to specialized tools.
Despite rising caseloads, most African member countries surveyed still lack essential IT infrastructure to combat cybercrime. Just 30 per cent of countries reported having an incident reporting system, 29 per cent a digital evidence repository and 19 per cent a cyberthreat intelligence database.
While cybercrime routinely crosses national borders, 86 per cent of African member countries surveyed said their international cooperation capacity needs improvement due to slow, formal processes, a lack of operational networks, and limited access to platforms and foreign-hosted data.
Cybercrime investigations increasingly rely on cooperation from private sector partners, yet 89 per cent of African countries said their cooperation with the private sector needed ‘significant’ or ‘some’ improvement due to unclear channels for engagement, low institutional readiness and other barriers.
Strengthening cyber resilience
Nevertheless, the INTERPOL report also details positive steps that many African member countries have made to strengthen their cyber resilience.
Several African countries advanced their legal frameworks, harmonizing cybersecurity laws with international standards. Many countries also enhanced their cybercrime response capabilities, investing in specialized units and digital forensics infrastructure.
This increased operational capacity was demonstrated in two high-impact international cybercrime operations coordinated by INTERPOL – Operation Serengeti and Operation Red Card – which collectively led to more than 1,000 arrests and the dismantling of hundreds of thousands of malicious networks.
To further improve Africa’s cybercrime response capabilities, the INTERPOL report proposes six strategic recommendations, including improving regional and international cooperation, expanding prevention and public awareness, and leveraging emerging technologies.
INTERPOL’s Africa Cyberthreat Assessment is part of the Organization’s African Joint Operation against Cybercrime (AFJOC) initiative, which is aimed at strengthening the capability of African law enforcement to prevent, detect, investigate and disrupt cybercrime. The AFJOC initiative is supported by the United Kingdom’s Foreign, Commonwealth and Development Office.
In addition to information gathered from INTERPOL member countries in Africa, the Assessment benefits from data contributed by private sector partners Bi.Zone, Group-IB, Kaspersky and Trend Micro.
Download the INTERPOL’s 2025 Africa Cyberthreat Assessment Report via the link below.
