The African Perspectives on Cyber Security Report 2025, released by Check Point Software Technologies, indicates that Nigeria records an average of 4,200 cyberattacks weekly.
According to the report, this figure is higher than the continental average of 3,153 and about 60 per cent above the global baseline of 1,963 attacks per organisation per week.
The report linked Nigeria’s ranking to exposed identities, misconfigured systems and the growing use of artificial intelligence by cybercriminals.
Check Point Software Technologies, a global cybersecurity solutions provider, said the report marked a critical step in addressing the most pressing cyber threats and trends of 2025.
These threats include the destructive nature of cyber wars, evolving ransomware tactics, the rising tide of infostealers, increased targeting of edge devices and vulnerabilities within cloud infrastructures.
The report identified key sectors targeted by cybercriminals exploiting exposed identities and misconfigured systems as finance, energy, telecommunications and government departments.
Cyberattacks have become a major global data security concern and, according to the Global Threat Index, attacks on government agencies and organisations are rising in Nigeria.
The Cyber Security Experts Association of Nigeria has warned of a potential increase in insider threats in the coming years, driven largely by the malicious use of artificial intelligence.
Experts say that beyond data theft, cyberattacks cause productivity losses, business disruptions and reduced investor confidence. They argue that the situation calls for a shift from reactive to predictive security by embedding protection into digital systems from the outset.
They also stress that collaboration with law enforcement agencies is crucial to effectively tackle and prosecute cybercrimes.
This underscores the importance of the Cybersecurity Act 2024 (originally enacted in 2015), which provides a comprehensive legal, regulatory and institutional framework for the prohibition, prevention, detection, prosecution and punishment of cybercrimes.
The Act also aims to protect critical national information infrastructure and promote cybersecurity, including the protection of computer systems and networks, electronic communications, data, computer programmes, intellectual property and privacy rights.
It established the Cybercrime Advisory Council (CAC), comprising representatives of relevant Ministries, Departments and Agencies listed in its First Schedule.
The council is responsible for formulating general policy guidelines for preventing and combating cybercrimes and promoting cybersecurity in Nigeria.
As chairman of the council, the National Security Adviser, Malam Nuhu Ribadu, has reiterated the commitment to implementing the National Cybersecurity Policy and Strategy (NCPS), which provides the operational framework for the Act.
Some stakeholders say the current administration has shown interest in securing Nigeria’s cyberspace, including developing a protection plan for Critical National Assets and Infrastructure (CNAI).
They cite the Designation and Protection of Critical National Information Infrastructure (CNII) Order, 2024, signed by President Bola Tinubu, as evidence of the government’s commitment to addressing cyber threats.
Nigeria is also among 114 countries that have adopted national cybersecurity strategies and 118 that have established Computer Security Incident Response Teams (CSIRTs).
Cybersecurity experts say protecting CNII is central to national security, noting that a robust digital economy depends heavily on effective cybersecurity.
They warn that cybercriminals now target critical infrastructure such as oil pipelines, communication facilities, hospitals and military installations, elevating cybersecurity to a key national security concern.
The establishment of the Nigerian Computer Emergency Response Team (ngCERT) and the National Digital Forensic Laboratory has also been commended as part of efforts to combat cybercrime.
However, experts argue that given the cross-border nature of cyber threats, stronger synergy and international collaboration are required to address the growing challenge.
Mr Jude Olabori, a cybersecurity expert, said unlocking Nigeria’s digital economic potential depends largely on cybersecurity, which itself relies on cooperation and sustained support.
“Section 41(2)(b) provides for the conformity of Nigerian cybercrime and cybersecurity laws with regional and international standards.
“The objective is to support and participate in international cooperation to address the menace of cybercrime,” he said.
Others note that the five pillars of the Ministry of Communications, Innovation and Digital Economy’s Strategic Agenda (2023–2027) can only drive economic growth if anchored on strong cybersecurity.
Mr Charles Oluma, another cybersecurity expert, said none of the pillars would succeed without a resilient security framework.
“The five pillars Dr Bosun Tijani, the Minister of Communications, Innovation and Digital Economy, is building the digital economy on are knowledge, policy, infrastructure, innovation and capital, and trade.
“He has said the ministry aims to become a reputable public-sector ecosystem that enables economic growth through enhanced productivity driven by technology.
“None of these pillars can thrive in the absence of a strong and continuously evolving national cybersecurity framework,” Oluma said.
In November, Surfshark, an Amsterdam-based cybersecurity firm, reported that Nigeria ranked 16th among the most breached countries in Q3 2025, with 408,900 leaked accounts.
Surfshark’s Senior Product Manager, Sarunas Sereika, said the growing use of AI tools means even minor data breaches can be exploited at scale.
“Previously, exploiting leaked data required significant technical skills, but AI has lowered the barrier.
“AI now allows malicious actors to quickly analyse and weaponise seemingly insignificant data, turning leaked names, addresses and preferences into highly personalised attacks,” he said.
According to Cybersecurity Ventures, global digital economic growth is projected to reach 10.5 trillion dollars annually this year, a development that also implies a rise in the cost of cybercrime.
While some stakeholders argue that rising cyberattacks reflect increased digital activity, experts caution that Nigeria cannot afford to be seen as a country with weak cybersecurity.
The vision of the NCPS is “a safe, secure, vibrant, resilient and trusted cyberspace that provides opportunities for citizens, safeguards national assets and interests, and promotes peaceful engagement for national prosperity.”
Key findings of the African Perspectives on Cyber Security Report show that attackers increasingly use AI for sophisticated phishing, identity theft, ransomware and exploitation of cloud vulnerabilities.
The report concluded that attackers are outpacing existing security frameworks as digitalisation expands, stressing the need for preventive and collaborative security built on strong legal frameworks and trust in digital transformation.
Experts believe that with strong political will and strict implementation of the Cybersecurity Act 2024, Nigeria’s cybercrime challenge can be effectively addressed.
(NAN FEATURE)
