Organisations across Nigeria faced an average of 4,701 cyber attacks per week in January 2026, the highest in Africa.
As revealed in the latest Global Threat Intelligence report by Check Point Research, this represents a 12% increase compared with the same period last year and a slight increase from 4,622 weekly attacks recorded in December 2025.
Across the continent, the average number of attacks per organisation stood at 2,864 per week, a 6% decline year on year.
However, Nigeria and South Africa experienced intense increases, while countries such as Kenya and Angola recorded drops.
Angola saw 4,512 weekly attacks, down 7% year on year. Kenya experienced a 41% decline, with 2,172 attacks, while South African organisations faced 2,145 weekly attacks, up 36% from January 2025.
Globally, organisations experienced 2,090 weekly attacks on average, a 17% year-on-year rise. Education remained the most targeted sector worldwide, with 4,364 weekly attacks per organisation, followed by government entities at 2,759 and telecommunications at 2,647.
In Africa, government, financial services, and consumer goods and services were the sectors most under threat.
Ian van Rensburg, head of Security Engineering for Africa at Check Point Software Technologies, said, “January’s data shows that cyber-attacks are not only increasing but becoming more refined and opportunistic.”
He urged organisations undergoing digital transformation to strengthen cybersecurity frameworks.
The report also noted risks linked to the rapid adoption of Generative AI tools. One in every 30 AI prompts submitted from corporate networks posed a high level risk of exposing sensitive data, affecting 93% of organisations using these tools.
Prompts usually contained internal documents, personal identifiers, customer information, or proprietary code.
On average, organisations employed ten different AI tools monthly, many operating outside formal governance structures, increasing the risk of accidental data leaks and ransomware attacks.
The Nigerian government has responded to the high cyber threats with plans to implement a new cybersecurity framework in 2026.
The framework will mandate minimum cybersecurity spending, introduce timelines for reporting data breaches, and establish systems for sharing threat intelligence between public and private sectors.
Kashifu Inuwa, director-general of the National Information Technology Development Agency, noted that many organisations underinvest in cybersecurity, assuming they are unlikely targets.
The peak in cyber attacks in January 2026 alone reemphasises the need for both public and private organisations in Nigeria and other countries, to adopt proactive cybersecurity measures as digital adoption speeds up across banking, fintech, telecommunications, and public services in Nigeria.
