Kaspersky Highlights Rising Cyber Threats in Africa at GITEX Africa 2025

As the digital landscape across Africa continues to expand, businesses and individuals alike face a growing number of cybersecurity threats. Kaspersky, a global leader in cybersecurity, is set to address these mounting challenges at the upcoming GITEX Africa conference, held in Morocco from April 14-16, 2025. Kaspersky will present its latest findings from the Kaspersky Security Network (KSN), focusing on cyber threats that have been increasingly targeting the African region, as well as offering solutions to mitigate these risks.

The Growing Cyber Threat Landscape in Africa

From 2023 to 2024, African businesses were significantly impacted by various forms of cyber threats, including web-based attacks, on-device malware, and data theft attempts. These threats range from phishing and ransomware to spyware and password stealers, all of which have caused considerable damage to organizations and individuals across the continent.

Kaspersky’s data reveals a staggering 66 million phishing link clicks recorded in the region during 2024. Corporate users were particularly targeted, with over 14.8 million of these clicks coming from businesses. Phishing and ransomware remain persistent threats, with cybercriminals leveraging social engineering tactics to deceive victims into disclosing sensitive information or installing malicious software.

Web-Based Threats Surge in Africa

Web-based threats, or online threats, continue to be one of the most prevalent forms of cyberattacks in Africa. According to Kaspersky, the region saw over 131 million web threats in 2024, marking a significant rise from previous years. This includes nearly 20 million attack attempts in Kenya, 17 million in South Africa, and 12.6 million in Morocco. The increase in threat detections was especially prominent in the B2B sector, where businesses became more frequently targeted by cybercriminals, with detections rising by 1.2% compared to 2023.

These web-based threats exploit vulnerabilities in websites and applications, often leading to devastating consequences for organizations. Attackers typically use these tactics to compromise systems, steal sensitive data, and gain unauthorized access to corporate networks.

Local Device Threats on the Rise

Local (on-device) threats, which often spread via removable USB drives, CDs, DVDs, and encrypted files, have also seen a sharp increase across the continent. Kaspersky telemetry data indicates that local threat detections increased by 4% in 2024 compared to the previous year. Certain countries experienced a dramatic spike in these types of threats, with Nigeria seeing a 169% rise in local threats, followed by Ethiopia at 86%, South Africa at 32%, Senegal at 11%, and Morocco at 9%.

These local threats are particularly concerning because they often involve malware that can infiltrate systems without the user’s knowledge, often through seemingly innocent external devices or hidden files.

Data Theft Threats: Spyware and Password Stealers

One of the most alarming trends Kaspersky has observed is the rise in data theft-related attacks, particularly involving spyware and password stealers. In 2024, Kaspersky detected a 14% growth in spyware attacks against businesses in Africa. Spyware is malicious software that secretly monitors user activities, collects sensitive information, and sends it back to cybercriminals.

Additionally, password stealers—malware designed to harvest login credentials and other personal data—saw a 26% increase in detections over the past year. These threats are especially dangerous for organizations and individuals because stolen credentials can grant attackers access to confidential data, financial accounts, and critical business infrastructure.

The Driving Forces Behind the Rise in Cyber Threats

Maher Yamout, Lead Cybersecurity Researcher with Kaspersky’s Global Research and Analysis Team, attributes the rise in cyber threats to a combination of factors. In the B2B sector, businesses are increasingly adopting hybrid work models and digitizing their operations at a rapid pace. However, this shift often outpaces cybersecurity investments, leaving organizations exposed to more sophisticated attacks, including advanced persistent threats (APTs).

In the B2C space, the explosion of digital financial services in Africa, coupled with low digital literacy rates, has created an environment where individuals are highly susceptible to opportunistic attacks. As more people in Africa embrace online banking, mobile money, and other digital financial services, they become prime targets for cybercriminals looking to exploit their lack of awareness about online threats.

The Importance of Digital Literacy and Cybersecurity Training

To address these growing cybersecurity risks, Kaspersky stresses the need for a unified approach in Africa. Organizations must prioritize collaboration, invest in specialized cybersecurity training, and promote digital literacy to safeguard the continent’s digital ecosystem.

“Organizations in Africa should be proactive by enhancing collaboration across all sectors, investing in cybersecurity education, and raising awareness about the importance of digital literacy,” said Maher Yamout. “Initiatives like the African Cyber Surge operation and targeted educational programs are crucial in building a resilient and secure digital environment across the continent.”

Recommendations for Protecting Against Cyber Threats

To help businesses and individuals stay safe online, Kaspersky has outlined a series of recommendations for enhancing cybersecurity.

For Individual Users:

• Do not download or install applications from untrusted sources.

• Avoid clicking on links from unknown sources or suspicious online ads.

• Enable two-factor authentication and create strong, unique passwords using a combination of upper and lower-case letters, numbers, and special characters.

• Keep software and security systems updated to protect against vulnerabilities.

• Ignore messages that request the disabling of office or cybersecurity software.

• Use a reliable security solution, such as Kaspersky Premium, to protect your devices.

For Organizations:

• Ensure that all software across devices is kept up to date to prevent attackers from exploiting vulnerabilities.

• Avoid exposing remote desktop services, such as RDP, to public networks unless necessary, and always use strong passwords.

• Invest in advanced solutions like Kaspersky NEXT EDR Expert, which provides comprehensive visibility across all endpoints and enables rapid threat investigation and response.

• Leverage the latest Threat Intelligence data to stay aware of evolving tactics, techniques, and procedures (TTPs) used by attackers.

• Regularly back up corporate data and ensure backups are isolated from the network to minimize the risk of data loss in case of an attack.

Kaspersky at GITEX Africa 2025

Kaspersky will be showcasing its cybersecurity solutions and providing in-depth insights into the state of cyber threats in Africa at GITEX Africa 2025. Visitors can meet Kaspersky experts at their booth in Hall 13, Stand 13C-20. Additionally, Kaspersky will deliver a keynote presentation titled “When AI/ML Fails in Cybersecurity, Humans are the Last Line of Defense” on April 15 at 2:10 PM at the Dark Stage.

As Africa continues to embrace digital transformation, Kaspersky’s participation at GITEX Africa will highlight the importance of robust cybersecurity strategies to protect against the rising tide of cybercrime. The company’s latest findings emphasize the need for businesses and individuals to remain vigilant, adopt best practices, and prioritize cybersecurity investments to navigate the challenges of an increasingly digital world.