Angola Most Attacked Country In September 2025

No photo availableByStaff Writer
4 min read
Organisations face an average of 2,902 attacks per week, with telcos, government and consumer goods & services among the most targeted industry sectors.
cybersecurity
Hacker in data security concept. Hacker using laptop. Hacking the Internet. Cyber attack.

Africa remains the most targeted region for cyberattacks, with an average of 2,902 attacks per organisation per week. Check Point Research, the threat intelligence arm of Check Point Software Technologies Ltd., released its Global Threat Intelligence Report for September 2025, revealing that the telecommunications, government, and consumer goods and services industries are the most targeted on the continent.

Angola was the most attacked in September with 3,045 weekly attacks per organisation (-54 per cent YoY), followed by Kenya with 3,000 (-21 per cent YoY), Nigeria with 2,749 (-32 per cent YoY) and South Africa with 2054 (+26 per cent YoY).

The report also shows that organisations worldwide each faced an average of 1,900 cyberattacks per week.

“We are deeply concerned about the continent’s vulnerability to cyberattacks. Especially as many of the attacks in September were prompted by the use of Generative AI,” says Lorna Hardie, Regional Director: Africa, Check Point Software Technologies. “The only sustainable defence is a prevention-first strategy powered by real-time AI, ensuring protection across the network, cloud, endpoints, and identities. Only through this approach can organisations stay ahead and protect critical operations from relentless adversaries,” she adds.

GenAI Introduces New Data Exposure Risks

With the rising use of GenAI across all sectors, Check Point Research identified emerging risk from GenAI adoption: 1 in every 54 GenAI prompts from enterprise environments posed a high risk of sensitive data leakage, impacting 91 per cent of organisations that use GenAI tools regularly.

An additional 15 per cent of prompts contained potentially sensitive information, such as customer details, proprietary code, or internal communications, underscoring the growing need for AI governance and data protection measures.

Looking at the impact on the sectors, the education sector once again was the most targeted globally, experiencing an average of 4,175 weekly attacks per organisation in September (–3 per cent (YoY). This consistent targeting reflects both the sector’s rapid digital transformation — which expands its attack surface — and its typically underfunded cybersecurity defences, which make it a frequent and easy target for cybercriminals.

The telecommunications industry, vital to business continuity and consumer connectivity, suffered 2,703 weekly attacks per organisation (+6 per cent YoY), highlighting its dual role as critical infrastructure and an access point to downstream targets. Government institutions, a long-standing focus for both criminal and nation-state actors, recorded 2,512 weekly attacks (–6 per cent YoY).

While regionally, Africa reported the highest average number of weekly cyberattacks per organisation, no continent was spared. Latin America had an average of 2,826 per organisation per week (+7 per cent YoY), APAC 2,668 (–10 per cent YoY), with Europe registering 1,577 weekly attacks (–1 per cent YoY), while North America stood out with a 17 per cent year-over-year surge to 1,468 weekly attacks, driven in part by a sharp increase in ransomware incidents.

North America Leads In Ransomware Attack Growth

Ransomware remained one of the most disruptive and financially damaging cyber threats, with 562 publicly reported incidents globally in September, up 46 per cent year-over-year. North America was the most affected region, accounting for 54 per cent of reported cases, followed by Europe (19 per cent).

By industry, the Construction & Engineering sector was the most impacted sector by ransomware, representing 11.4 per cent of reported victims, closely followed by Business Services (11 per cent) and Industrial Manufacturing (10.1 per cent). Other sectors, including Financial Services, Healthcare, and Consumer Goods, were also significantly affected, illustrating ransomware’s broadening scope.

Leading ransomware groups included Qilin (14.1 per cent of attacks), Play (9.3 per cent), and Akira (7.3 per cent). Qilin, one of the most established RaaS (Ransomware-as-a-Service) groups, continues to expand aggressively, while Play and Akira are increasingly targeting critical sectors like manufacturing and business services using Rust-based encryptors and advanced runtime controls.

Omer Dembinsky, Data Research Manager at Check Point Research, says, “September’s threat data shows that while the overall volume of attacks has eased slightly, the impact and sophistication of cyber threats are intensifying. Ransomware remains the most destructive force, while the emergence of GenAI-related data leakage adds a new dimension of risk for organisations. Cybercriminals will likely seek to exploit every innovation faster than users can adapt.”

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co