Nigerian companies record 2nd highest percentage of global cyberattacks

by | Jul 17, 2020

It’s the year of the pandemic, and besides the ensuing economic effects, it appears companies around the globe are dealing with increased rates of cyberattacks. Unfortunately, African countries seem to be major targets.

As businesses embrace emerging technology solutions like Internet-of-Things (IoT), Artificial Intelligence, and cloud computing, their exposure to cyberattacks has increased.

In a recent survey (PDF), Sophos Group plc, a British security software and hardware company, revealed that 86% of Nigerian companies fell prey to cyberattacks within the past year. The second highest percentage recorded globally after India and much higher than in South Africa with 64%.

This survey made use of data from 65 Nigerian companies that host data on public cloud-based services like Azure, Oracle, AWS, Alibaba cloud, and others.


This means, about 56 out of 65 companies fell prey to various forms of cyberattacks such as malware, ransomware, and data leaks over the past year.

According to Sophos’ report, Nigeria had the highest percentage of data leakages worldwide, and ranks in the top five for other forms of attacks: Ransomware, malware, cryptojacking.

Here is the percentage breakdown of cyberattacks on Nigerian companies according to Sophos’ survey.

  • Data leaks: 57% reported exposed data
  • Malware – 5th: 47% reported malware attacks
  • Ransomware – 5th: 34% of companies hit with ransomware
  • Stolen account credentials – 2nd: 46% reported stolen credentials
  • Cryptojacking – 2nd: 26% reported cryptojacking

It is important to note that fewer companies were surveyed in Nigeria compared to several others on the list like South Africa (157) or India (227)

Surveyed countries sophos

Countries surveyed in Sophos’ report; Source: Sophos

How were companies attacked?

The surveyed companies got hacked through varying methods. For Nigeria, the major loophole was through a misconfiguration in the company’s server. About 64% of companies were attacked through this means, while 36% was through stolen credentials.


How companies across the globe were attacked. Source: Sophos Whitepaper

While this is not good news, this trend is hardly surprising. Other research bodies also tell similar stories.

A 2019 report by Serianu revealed that Africa lost $3.5 billion to cyberattacks. In that report, Nigeria was the hardest hit with losses of $649 million, followed by Kenya with $210 million, and Tanzania with $99 million.

Global consulting firm, Deloitte, asserts cyberattacks in Nigeria were fewer in 2019, but losses were much higher. A trend the global audit firm expects to continue in 2020.


Why is this happening?

Knowbe4, a security training solutions provider, asserts that the growth of digital services in Africa’s largely unregulated environment has made the continent an easy target for cyberattacks.

In our earlier piece, we revealed that hackers now have access to data from some major Nigerian universities, and from our findings, none of them seemed to care. This is despite the existence of the Nigerian Data Protection Regulation (NDPR), that’s meant to make organisations handle data more responsibly.

Cybersecurity has been a pesky puzzle amongst Nigerian companies, and it has largely been treated with secrecy. Most of them hardly report data breaches, and companies rarely share information with each other when they happen.

Deloitte asserts that in 2020, Nigerian companies will begin to collaborate more to tackle issues of fraud and cyber threats, and so far, a few efforts have been made.

A few months ago, Voyance, a Nigerian data science startup launched Sigma, a somewhat collaborative platform that could help fintech companies blacklist cybercriminals and share the information.

Another Nigerian Startup, also operates a similar method to help tackle fintech fraud.

On training employees and serious regulatory backing

26683792493 9db306b205 b

Photo Credit: weiss_paarz_photos Flickr via Compfight cc

However, in our discussion with a founder of a defunct fintech startup, such initiatives will also need the efforts of regulators to yield the desired results.

Small companies, as well as large organisations, still experience cyberattacks, and solutions might not be arrived at in individual bubbles.

Sophos’ report reveals that European countries were the least attacked globally, a scenario the firm attributed to the continent’s General Data Protection Regulation (GDPR).

Interesting strides have been made with Nigeria’s NDPR, but it appears more efforts towards implementation is needed to make Nigeria more resilient to cyberattacks.

Also, as companies find ways to ensure that they are NDPR compliant, Microsoft recommends that employees are given sufficient training to make them the first line of defence against cyberattacks.

Considering the effects of the pandemic, and the growing digital adoption, this should be taken seriously by both businesses and regulators alike.

Featured Image Credit: Visual Content Flickr via Compfight cc

Emmanuel Paul
Emmanuel Paul

Writer and Narrator.  Tech, business and policies fills my head. Looking to chat? Catch up with me (@eruskkii) on Twitter or send a mail to

On January 22, 2022, be part of the largest gathering of innovators, startup founders, thinkers, programmers, policymakers, and investors in West Africa. Register free.

Notify of
Inline Feedbacks
View all comments

Recent News

Uber’s bet on ‘Okada’

Uber’s bet on ‘Okada’

Today on #TechpointDigest, @nifemeah discusses Uber’s launching its motorbike hailing service, UberMoto, in Ibadan.

Subscribe to Techpoint Digest!

A daily 5-minute roundup of happenings in African and global tech, sent directly to your email inbox, between 5 a.m. and 7 a.m (WAT) every week day!

Please check your email to confirm your subscription.

Subscribe to Crypto Explorer

A monthly series featuring in-depth analysis on the cryptocurrency sector in Africa

Please check your email to confirm your subscription.

Subscribe to The Experts

A bi-weekly where tech career specialists take us on their journey from newbie to expert, and how they became successful in the industry.

Please check your email to confirm your subscription.

Subscribe to Founder's Table

A monthly series, where we catch up with founders in the startup ecosystem, learn about their failures, successes and a few tricks of the trade

Please check your email to confirm your subscription.

Copy link
Powered by Social Snap