Cybersecurity 10 min read

The Cyber Threat Landscape in East Africa: 2025 Report

Ransomware attacks on East African organizations grew 180% in 2024. Our security team analyzes the trends, threat actors, and what businesses must do now.

ZA
Zara Ahmed
Head of Cybersecurity·January 22, 2025

East Africa's rapid digital transformation has brought extraordinary opportunity — and extraordinary risk. In 2024, our Security Operations Center monitored a 180% year-over-year increase in ransomware incidents targeting organizations in Kenya, Tanzania, Uganda, and Ethiopia. This report summarizes the key threat trends and the actions every organization must take now.

The dominant threat vector in 2024 was phishing — specifically, highly targeted spear-phishing campaigns that impersonated senior executives, tax authorities, and banking institutions. These attacks bypassed traditional spam filters because they were personalized, timely (often sent during tax filing periods or regulatory deadlines), and technically sophisticated.

Ransomware-as-a-Service (RaaS) groups increasingly targeted African organizations in Q3 and Q4 2024, recognizing that security maturity is lower and willingness to pay ransoms may be higher due to inadequate backup strategies. Manufacturing, logistics, and healthcare organizations were the most targeted sectors.

Business Email Compromise (BEC) remains a persistent threat, particularly in financial services and real estate. We observed a new pattern: attackers compromising a supplier's email account and then inserting fraudulent payment instructions into legitimate invoice threads — often for months before detection.

The most important actions organizations should take immediately: implement Multi-Factor Authentication (MFA) on all external-facing systems without exception; conduct quarterly phishing simulations with real consequences for failures; ensure offline backups are tested for restorability monthly; and deploy Endpoint Detection and Response (EDR) tools on all workstations and servers.

Looking ahead to 2025, we expect AI-powered attacks to increase significantly. Deepfake audio is already being used in CEO fraud attempts, and AI-generated phishing content is becoming indistinguishable from legitimate correspondence. Organizations that don't invest in security awareness training and next-generation detection tools will face escalating risk.

CybersecurityAqbal TechnologiesEnterpriseAfrica
ZA
Zara Ahmed
Head of Cybersecurity

A technology specialist at Aqbal Technologies with deep expertise in enterprise digital transformation across East Africa and beyond.

Back to all insights

More Insights

AI & Machine Learning 7 min read

Generative AI in the Enterprise: Beyond the Hype to Real ROI

As GenAI tools proliferate, boards are asking the hard question: where's the value? We break down the use cases delivering measurable returns in 2025 — and the ones that aren't.

Cloud Solutions 5 min read

5 Myths About Cloud Migration That Are Costing African Businesses

From 'the cloud is always cheaper' to 'migration takes years' — we debunk the most common misconceptions holding enterprises back from cloud transformation.

ERP & CRM 8 min read

Why 70% of ERP Implementations Fail — and How to Be in the 30%

After dozens of Dynamics 365 implementations, we know exactly where projects go wrong. Here are the critical success factors no one talks about.