Top 10 cyberattacks that targeted African organisations in 2024

African organisations have experienced a series of cyberattacks in 2024, impacting sensitive data and causing disruptions across various sectors.

These attacks, including ransomware, DDoS (Distributed Denial of Service) incidents, and data breaches, have affected government institutions, financial organisations, and telecommunications companies across the continent.

The recent attacks highlight the growing vulnerability of African organizations to sophisticated cyber threats. Both the public and private sectors are facing increasing risks. These breaches compromise sensitive information and disrupt essential services, affecting millions of people.

Read also: Cyberthreats mount as Nigerian banks record 18,872 attacks monthly

Experts suggest that African nations must invest more in cybersecurity infrastructure and adopt stronger protective measures to defend against such attacks. The financial, social, and reputational damage caused by these incidents can be significant.

The financial sector is the second most targeted after government entities, with the most digitally developed countries in Africa, including Nigeria, Egypt, South Africa, and Kenya, being the primary focus. According to Statista, these countries have Internet user bases of 103 million, 82 million, 45 million, and 23 million, respectively, making them more susceptible to cyber threats.

Data from open sources reveals that South Africa (22%) and Egypt (13%) saw a significant number of cyberattacks. The dark web frequently listed targets in South Africa (25%), Nigeria (18%), and Algeria (13%). After government institutions, the financial sector accounts for 22% of successful cyberattacks in the region.

Read also: How SMEs can protect themselves from cyberattacks

here are several major cyberattacks were reported across Africa in 2024.

1. Eneo — Cameroon

In January 2024, Eneo, Cameroon’s energy provider, was the target of a cyberattack that led to the suspension of several applications. The company confirmed a breach but refrained from sharing specific details regarding the attack. During the disruption, protective measures were put in place to limit the damage. The incident highlighted the vulnerabilities of critical infrastructure in the region.

2. GhostLocker 2.0 Attacks — South Africa and Egypt

March 2024 saw the emergence of a sophisticated ransomware attack involving the GhostLocker 2.0 malware. Groups like GhostSec and Stormous used double-extortion tactics to target organisations in countries such as South Africa, Egypt, Israel, and Lebanon. In these attacks, data was encrypted, and victims were blackmailed to pay for decryption keys. If the payment was not made, the attackers threatened to leak sensitive data. The widespread reach of the attack underlined the growing global nature of cybercrime.

Read also: Cyberattacks, data breaches cast shadow over Nigeria’s fintech growth

3. Anonymous Sudan Attacks — Telecom Companies in Uganda

On February 6, 2024, Uganda’s major telecommunications companies – Airtel, MTN, and Uganda Telecom – were hit by a wave of DDoS attacks carried out by the hacktivist group, Anonymous Sudan. These attacks disrupted their core services, with the group claiming that the incident was in protest against companies supporting the Sudanese government in the ongoing civil conflict. The attacks highlighted the geopolitical motivations behind some cyber threats.

4. Bank of Uganda

The Bank of Uganda fell victim to an offshore hacking group known as “Waste,” which breached the central bank’s systems. In the attack, the group managed to steal 62 billion Ugandan shillings (around $16.8 million). The breach raised concerns about the security of financial institutions in the country and the capacity to prevent such targeted attacks. The government confirmed the attack, underlining the severity of the breach.

5. Flutterwave — Nigeria

In April 2024, Nigerian fintech company Flutterwave experienced a security breach that led to the unauthorised transfer of funds. While the company did not reveal the exact amount stolen, reports suggested that up to ₦11 billion (around $7 million) had been compromised. The breach involved the routing of funds through several accounts in different financial institutions to evade detection. The attack prompted questions about the adequacy of security measures in Nigeria’s fintech sector.

Read also: ANALYSIS: Nigeria caught in wave of global cyberattacks

6. Telecom Namibia

December 2024 brought a serious ransomware attack against Telecom Namibia, a state-owned telecommunications provider. The attack led to the leak of sensitive customer data, including personal and financial information of government officials and private clients. The attackers, known as Hunters International, released the stolen data after the company refused to negotiate. Telecom Namibia is currently investigating the breach and implementing security measures to prevent further attacks.

7. NBS Website — Nigeria

The National Bureau of Statistics (NBS) in Nigeria was targeted by hackers in December 2024. The agency’s website was compromised and displayed a blank page with the message “Page Hacked.” NBS confirmed the attack and assured the public that efforts were underway to restore the website and secure its data. This breach raised concerns about the vulnerability of government websites and their capacity to protect critical public data.

8. Micro and Small Enterprise Authority (MSEA) — Kenya

Kenya’s Micro and Small Enterprise Authority (MSEA) was also targeted in December 2024. Hackers exposed sensitive organisational and government data on the dark web. The data, which included employee records, government communications, and financial statements, was listed for sale at $100,000. Part of the data was already downloaded, triggering fears of identity theft, fraud, and corporate espionage. The breach underscored the need for stronger cybersecurity practices in public institutions.

Read also: Small businesses fret as cyberattacks surge 89% in 4months

9. National Health Laboratory System (NHLS) — South Africa

On June 22, 2024, the National Health Laboratory System (NHLS) of South Africa was attacked, severely disrupting the public health system. The cyberattack rendered the NHLS website inaccessible for the entire weekend, halting laboratory systems, document access, and electronic sample testing. The breach disrupted critical health services, impacting both healthcare workers and the public.

10. Companies and Intellectual Property Commission — South Africa

In March 2024, the Companies and Intellectual Property Commission (CIPC) of South Africa experienced a security breach. The commission’s website, responsible for business registrations and intellectual property rights, was targeted by cybercriminals. The agency confirmed an attempted breach of its database, which contained sensitive personal information of clients and employees. The attack raised alarms about the safety of intellectual property and business data within governmental agencies.