Nigeria’s digital landscape may become under siege, if nothing is quickly done to tame the tide of cyber attacks targeting the country in particular and entire continent in general. Cyber attacks driven by financial gain, according to a new Microsoft report have surged, with 52% of incidents motivated by extortion or ransomware.
The country’s growing digital economy has made it a prime target for cybercriminals and local businesses as well as critical services are said to be vulnerable due to limited cybersecurity budgets and outdated software.
A cybersecurity expert, Dr Adewale Adeyemo was quoted recently to have said that Cybercrime is a universal threat, and that Nigeria must prioritize cybersecurity as a national imperative.
His assertion resonates with a recent Microsoft’s Digital Defense Report which reveals a disturbing trend that “Africa isn’t just a target, it has become a proving ground for the latest cyber threats”.
Follow us on WhatsApp | LinkedIn for the latest headlines
The report, offered a sweeping view of the global cyberthreat landscape and providing critical insights for business leaders across Africa.
Drawing from Microsoft’s unique vantage point and over 100 trillion daily security signals, the report highlights a significant expansion in the reach of cybercriminals over the past year, with a growing focus on west and North African countries. It also details how nation-state actors are refining their methods, harnessing artificial intelligence, exploiting trusted platforms, and targeting high-value industries with remarkable accuracy.
Kerissa Varma, Microsoft’s Chief Security Advisor for Africa said: “We’re witnessing attackers harness AI to craft phishing messages tailored to local languages and cultural contexts, impersonate trusted individuals, and exploit the very platforms we depend on. Many of these advanced tactics are first tested right here on the continent.”
Last year, in 80% of the cyber incidents investigated by Microsoft’s security teams, attackers targeted data theft, a trend primarily motivated by financial gain rather than intelligence gathering.
According to the World Economic Forum’s Cybercrime Impact Atlas Report 2025, arrests have increased across 19 African countries.
However, the overall impact of cybercrime escalated sharply: the total value of cybercrime surged from $192 million to $484 million, and the number of victims jumped from 35,000 to 87,000.
The report said that Opportunistic criminals exploit vulnerabilities, targeting critical services and sensitive data.
In Nigeria, Critical services like hospitals, governments, and research institutions are prime targets. These institutions store sensitive data and often have limited cybersecurity resources.
Reports are prevalent, where cyber attacks have disrupted emergency services, canceled school classes, and halted transportation systems. Ransomware actors target critical sectors, knowing victims will pay to restore services.
According to Microsoft’s Chief Information Security Officer, Igor Tsyganskiy,
“In the past year, cyber attacks on these sectors had real-world consequences, including delayed emergency medical care and disrupted emergency services” .
AI-Powered Attacks
Another trend which has given cyber attackers a lot of leverage included the prevalence of Artificial Intelligence. Cybercriminals leverage AI for phishing, social engineering, and malware, and Tsyganskiy said: “AI is a game-changer for attackers, so we must stay ahead.”
Microsoft said it also discovered that Nation-State actors now use AI to boost their attacks by automating phishing, scaling social engineering, creating synthetic media, finding vulnerabilities faster, and creating malware that can adapt itself.”
“Geopolitical objectives continue to drive a surge in state-sponsored cyber activity, with a notable expansion in targeting communications, research and academia,” says Tsyganskiy.
Simple Solutions
Phishing-resistant MFA blocks 99% of identity-based attacks. Regular software updates and cybersecurity awareness can prevent breaches.
“Implementing phishing-resistant MFA can stop over 99% of identity-based attacks, even if attackers have correct usernames and passwords,” says Tsyganskiy.
Sign up for free AllAfrica Newsletters
Get the latest in African news delivered straight to your inbox
Call to Action
Nigeria must prioritize cybersecurity. Businesses and individuals must take proactive steps to protect themselves. “Cybersecurity is a shared defensive priority,” says Tsyganskiy.
However, the software giants have some recommendations. According to Tsyganskiy, corporate organisation, public corporations and private individuals must Implement phishing-resistant MFA, regularly update software and systems, invest in cybersecurity awareness and training, and try as much to collaborate with industry peers and governments. He also advised that they develop incident response plans and conduct regular security audits
His view is that governments must explore International Cooperation.
“Governments must build frameworks that signal credible and proportionate consequences for malicious activity. International cooperation is crucial to combat cyber threats.
“Security is not only a technical challenge, but a governance imperative,” says Tsyganskiy. “Defensive measures alone are not enough to deter nation-state adversaries.” He added.
