Africa Relinquishes Cyberattack Lead to Latin America — For Now

THREAT INTELLIGENCE CYBER RISK CYBERATTACKS & DATA BREACHES ENDPOINT SECURITY NEWS Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific Africa Relinquishes Cyberattack Lead to Latin America — For Now The volume of cyberattacks targeting Africa declined in the past year, with weekly attacks down 22%, as attackers seemingly shifted their focus to other regions. Robert Lemos,Contributing Writer April 23, 2026 4 Min Read SOURCE: GROUND PICTURE VIA SHUTTERSTOCK African organizations have seen fewer cyberattacks so far in 2026, compared to the previous year, as cybercriminal and espionage activity shifts to other regions, such as Latin America, according to experts. African organizations encountered an average of about 2,700 attacks per week in the first quarter of 2026, down 22% from the nearly 3,500 threat per week seen by organizations the year before, according to data from cybersecurity firm Check Point Software Technology. Despite the decrease, African organizations continue to see a higher intensity of attacks than the global average of 2,000 attacks per week, Check Point stated in its "March 2026 Cyber Threat Landscape" report. African organizations are improving in their cybersecurity preparations, just as cyberattackers are focusing elsewhere, giving the region somewhat of a respite, says Sergey Shykevich, threat intelligence group manager at Check Point Research. Related:Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers "We are seeing a continued trend in Africa, which began in 2025, of stabilization in the number of attacks, while in other regions we see continued increase," he says. "The change in 2026 [is] both about [a] shift in attackers' targeting and improvement in cyber security maturity in Africa." The African threat landscape is quickly shifting, as cybercriminal syndicates move operations to the continent and nation-states continue to target government agencies and communications. Criminals have, for example, quickly shifted to targeting African organizations with cybercrimes, accounting for more than 30% of all reported crimes in both East and West Africa, according to Interpol's "2025 Africa Cyberthreat Assessment Report." In mid-2025, cyber attacks targeting Africa and the Asia Pacific regions started slowly declining, with other global regions seeing a trend of slowly increasing attacks. By the end of the year, Latin America overtook Africa as the riskiest region. Different Countries, Different Trends While Africa has seen an overall decrease in attacks, different countries experienced the trend differently, Check Point researchers say. Kenya and Morocco both experienced drops of more than half, while other countries, such as Ethiopia, saw significant (29%) increases in attacks. Nigeria saw the most cyberattacks in 2025 — averaging 4,200 attacks per week per organization — but the country's organizations saw 12% fewer attacks in March, according to data from Check Point's researchers.   Africa organizations are seeing 22% fewer cyberattacks compared to 2025. Source: Check Point Research The greatest declines in attack frequency were in the exploitation of vulnerabilities and the execution of distributed denial-of-service (DDoS) attacks, the firm stated. Related:Iran Hacktivists Make Noise but Have Little Impact on War In some cases, cyberattackers are seeing high-value sectors in Latin America as more promising targets, particularly healthcare and government, according to Check Point's report. Latin America holds the dubious honor of the most popular target of cyberattackers, with 3,050 weekly attacks. "Many parts of Latin America are undergoing rapid digitalization, but this is not always matched by increased investment in cyber security, leaving gaps that attract a range of attackers," says Check Point Research's Shykevich. "Ongoing geopolitical shifts in the region are also driving nation-state actors to invest more resources in targeting countries across Latin America for espionage purposes." Data Still Unclear Other cybersecurity firms see a slightly different picture. Africa may be seeing fewer attacks of some types, but not across the board, according to data from cybersecurity firm Kaspersky Lab. African users continued to be affected the most by on-device threats, with 41% of machines affected by some sort of malware, adware, or unwanted programs, while 30% of Latin American users were affected by similar threats. The dynamics of "specific threat types ... can diverge across regions: the detections for one type of threat may be increasing while another is simultaneously declining," says Marc Rivero, lead security researcher with Kaspersky’s Global Research & Analysis Team (GReAT). Kaspersky Lab worked with AFRIPOL over the past six months to train law-enforcement officers from 23 different countries in cybersecurity, security operations center (SOC) activities, and how to conduct threat hunting and investigations. Related:EU Sanctions Companies in China, Iran for Cyberattacks Whether Africa will continue to see a decline is a question mark. While Check Point's report documents "a meaningful annual decline in Africa, ... on its own, it is insufficient to determine whether this is a durable structural shift or a temporary fluctuation," says Ian Van Rensburg, head of security engineering for Africa at Check Point Software. He pointed to ransomware as an example of a threat that has not shifted to heavily targeting African organizations. Currently, 55% of ransomware targets companies and institutions in North America, while African organizations only account for 2% of the attacks. "Ransomware remained heavily concentrated in the US and other Western markets, suggesting that Africa was not a major published victim cluster in this dataset," he says. Read more about: DR Global Middle East & Africa About the Author Robert Lemos Contributing Writer Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT's Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline Journalism (Online) in 2003 for coverage of the Blaster worm. Crunches numbers on various trends using Python and R. Recent reports include analyses of the shortage in cybersecurity workers and annual vulnerability trends. Want more Dark Reading stories in your Google search results? ADD US NOW More Insights Industry Reports The Agentic SOC: Exploring the Practitioner Mindset as AI Permeates SecOps The Total Economic Impact™ Of Google SecOps The Business Value of Google Threat Intelligence The Total Economic Impact™ Of Google SecOps AI-driven SecOps: Transforming Financial Services Security Access More Research Webinars From AI Hype to Trusted Outcomes: Wolf's New Aurora® Superintelligence Platform and Turnkey Agentic SOC Implementing CTEM: Beyond Vulnerability Management Defending Against AI-Powered Attacks: The Evolution of Adversarial Machine Learning Tips for Managing Cloud Security in a Hybrid Environment? Zero Trust Architecture for Cloud environments: Implementation Roadmap More Webinars You May Also Like THREAT INTELLIGENCE Hackers Target Cybersecurity Firm Outpost24 in 7-Stage Phish by Jai Vijayan MAR 17, 2026 THREAT INTELLIGENCE Iran's Cyber-Kinetic War Doctrine Takes Shape by Alexander Culafi MAR 06, 2026 THREAT INTELLIGENCE React2Shell Exploits Flood the Internet as Attacks Continue by Rob Wright DEC 12, 2025 THREAT INTELLIGENCE Chinese Gov't Fronts Trick the West to Obtain Cyber Tech by Nate Nelson, Contributing Writer OCT 06, 2025 Editor's Choice VULNERABILITIES & THREATS EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses byRob Wright APR 14, 2026 8 MIN READ СLOUD SECURITY CSA: CISOs Should Prepare for Post-Mythos Exploit Storm byAlexander Culafi APR 13, 2026 6 MIN READ СLOUD SECURITY Navigating the Unique Security Risks of Asia's Digital Supply Chain byAlexander Culafi APR 15, 2026 3 MIN READ Want more Dark Reading stories in your Google search results? 2026 Security Trends & Outlooks THREAT INTELLIGENCE Cybersecurity Predictions for 2026: Navigating the Future of Digital Threats JAN 2, 2026 CYBER RISK Navigating Privacy and Cybersecurity Laws in 2026 Will Prove Difficult JAN 12, 2026 ENDPOINT SECURITY CISOs Face a Tighter Insurance Market in 2026 JAN 5, 2026 THREAT INTELLIGENCE 2026: The Year Agentic AI Becomes the Attack-Surface Poster Child JAN 30, 2026 Download the Collection Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox. SUBSCRIBE Webinars From AI Hype to Trusted Outcomes: Wolf's New Aurora® Superintelligence Platform and Turnkey Agentic SOC THURSDAY, APRIL 23, 2026, 2:00 PM EASTERN DAYLIGHT TIME Implementing CTEM: Beyond Vulnerability Management THURS, MAY 21, 2026 AT 1PM EST Defending Against AI-Powered Attacks: The Evolution of Adversarial Machine Learning MON, MAY 11, 2026 AT 1:00PM ET Tips for Managing Cloud Security in a Hybrid Environment? THURS, MAY 7, 2026 AT 1PM EST Zero Trust Architecture for Cloud environments: Implementation Roadmap TUES, MAY 12, 2026 AT 1PM EST More Webinars White Papers Reinventing the SOC with agentic AI Enhancing SecOps with Google Threat Intelligence Enhancing SecOps with Google Threat Intelligence Enhancing SecOps with Google Threat Intelligence Reinventing the SOC with agentic AI Explore More White Papers BLACK HAT ASIA | MARINA BAY SANDS, SINGAPORE Experience cutting-edge cybersecurity insights in this four-day event featuring expert Briefings on the latest research, Arsenal tool demos, a vibrant Business Hall, networking opportunities, and more. Use code DARKREADING for a Free Business Pass or $200 off a Briefings Pass. GET YOUR PASS GISEC GLOBAL 2026 GISEC GLOBAL is the most influential and the largest cybersecurity gathering in the Middle East & Africa, uniting global CISOs, government leaders, technology buyers, and ethical hackers for three power-packed days of innovation, strategy, and live cyber drills. 📌 BOOK YOUR SPACE