AGCG Genuine
Consulting Group

The report Africa Cyberthreat Assessment Report 2025 from INTERPOL highlights a notable acceleration of cyber threats in Africa. Central Africa — Cameroon, Gabon, Congo, DRC, Chad, CAR, Equatorial Guinea — is facing a rare combination of high exposure and limited capabilities.

Rapid digitalization, vulnerable critical infrastructures, mobile money dependency, low SecOps maturity: these are factors that amplify opportunities for cybercriminals and APT groups.

Analyses from Group-IB and Mandiant show a significant rise in ransomware attacks in the MEA region (+60 to +70%).

The most targeted sectors in Central Africa:

• Banks & financial institutions
• Telecom operators
• Energy & critical infrastructures
• Public administrations

The lack of incident response capabilities increases downtime, amplifying the economic and operational impact.

INTERPOL’s operations, including Operation Serengeti, reveal the growing importance of digital scams: BEC, financial fraud, sextortion, phishing targeting mobile money.

The most common patterns:

• Payment diversion via email compromise
• Massive banking phishing & smishing
• Sextortion targeting individuals & executives

The lack of strong authentication and low regional awareness contribute to the rapid expansion of these attacks.

Reports from Kaspersky Cyberthreat Landscape show a continuous increase in web attacks: phishing, spyware, banking trojans, infostealers targeting businesses.

• High local threats (Cameroon in the continental top)
• Spyware and infostealers on the rise
• Heterogeneous and rarely patched Windows systems

For organizations: deploying appropriate EDR/XDR solutions tailored to local constraints and strengthening digital hygiene is imperative.

Several analyses (Group-IB, MITRE ATT&CK) observe an intensification of espionage operations and advanced attacks (APT) targeting critical infrastructures in Central Africa: energy, telecom, public institutions.

These operations, less visible than ransomware, represent a strategic risk: political stability, continuity of public services, digital sovereignty.

• Limited institutional capacities (CERTs, cyber laws, skills)
• Fragmented & poorly governed IT ecosystems
• Heterogeneous & rarely updated tech infrastructure
• Dependence on mobile money and unsecured services
• Low training of leaders in cyber risks

These factors create a very favorable environment for malicious actors, from opportunistic cybercrime to international APT groups.

"Central Africa is one of the regions where the gap between cyber exposure and defense capabilities is the highest in the world."

— AGCG Genuine Consulting Group

Cyber threats in Central Africa are rapidly accelerating, fueled by the combination of intense digitalization, limited institutional capacities and fragmented IT ecosystems.

For public and private organizations in the region, the priority is to build adapted SecOps capabilities, strengthen identity & messaging security, and invest massively in awareness.

Cyber mastery is not just a technical issue — it is a pillar of stability, sovereignty, and economic development for Central Africa.

• INTERPOL – Africa Cyberthreat Assessment (See)
• Group-IB – Hi-Tech Crime Trends (See)
• Kaspersky – Africa Cyberthreat Landscape (See)
• MITRE ATT&CK Framework (See)
• UNDP – Cybersecurity Africa Program (See)