KEY POINTS

• Microsoft warns Nigeria of AI-powered cyber attacks targeting critical sectors.

• 52 percent of incidents in Africa are driven by ransomware and extortion.

• Cybercrime losses surged to $484 million across 19 African nations.

Nigeria’s expanding digital economy is now at a critical crossroads. A new Microsoft analysis has found that the country and much of Africa is under an accelerating onslaught of cyber threats motivated by financial reasons and AI-powered deception.

According to the Microsoft Digital Defense Report 2025, ransomware and extortion are responsible for 52 percent of cyber events in Africa. Nigeria is one of the countries that gets hit the most.

Cybersecurity experts say that local businesses, hospitals, and governmental institutions are becoming more exposed since they don’t have enough money, their infrastructure is old, and people don’t know enough about it.

“Cybercrime is a universal threat. Nigeria must treat cybersecurity as a national imperative,” said Dr. Adewale Adeyemo, a cybersecurity expert.

Microsoft flags Africa as cybercrime ‘proving ground’

Microsoft’s report describes Africa as a “proving ground” for new cyber threats, with attackers refining their tools before deploying them globally.

“Attackers are now using AI to craft localized phishing messages, impersonate trusted individuals, and exploit everyday platforms,” said Kerissa Varma, Microsoft’s Chief Security Advisor for Africa.

The company’s data drawn from over 100 trillion daily security signals shows a surge in attacks targeting West and North Africa, with hackers increasingly focusing on critical services such as healthcare, education, and government systems.

Microsoft found that in 80 percent of the cases they looked into, the attackers were trying to steal data, mostly for money rather than for spying.

The World Economic Forum’s Cybercrime Impact Atlas (2025) underscores the growing crisis: arrests have risen in 19 African countries, but total cybercrime losses have ballooned from $192 million to $484 million, and victims have nearly tripled.

AI fuels new wave of cyber attacks

Microsoft’s Chief Information Security Officer, Igor Tsyganskiy, warned that AI has become a “game-changer for attackers. Cybercriminals now use AI to automate phishing, scale social engineering, and create adaptive malware,” Tsyganskiy said.

Nation-state actors are also exploiting AI to advance geopolitical objectives—targeting communications, research, and academic institutions.

The report linked cyber attacks in Nigeria to real-world consequences, including delayed emergency care, school disruptions, and halted transport systems. Ransomware attackers do this because they know that many important services rely on digital platforms.

Tsyganskiy emphasized that phishing-resistant multi-factor authentication (MFA) can block over 99 percent of identity-based attacks, even when attackers know users’ credentials. He urged Nigerian businesses and government agencies to adopt simple but effective measures:

• Implement phishing-resistant MFA

• Update software and systems regularly

• Invest in cybersecurity training

• Collaborate with peers and regulators

• Conduct regular security audits and response simulations

“Cybersecurity is a shared defensive priority,” Tsyganskiy said. “Governments must build frameworks with real consequences for malicious activity. Defensive measures alone aren’t enough to deter nation-state adversaries.” Finally he added that international cooperation is key to stopping the spread of cybercrime and AI-driven attacks.