According to global cybersecurity company ESET's bi-annual Threat Report, South Africa is the most targeted country in Africa for infostealer and ransomware attacks. Data and insight collected between June and November 2024 revealed that over 40 of ransomware attacks and just under 35 of infostealer incidents on the continent occurred in South Africa. Across Africa, phishing remains the top threat, making up 34 of all detected attacks.
Being at the forefront of the continents digital transformation and having a relatively strong economy puts South Africa in the crosshairs for sophisticated cyber-attacks. Cybercriminals know that businesses, governmentand individuals store a significant amount of their information online, which means ample opportunity for attacks. Given the country's economic status, they are also likely to be able to pay ransoms and meet demands, says Chief Security Evangelist at ESET, Tony Anscombe .
In June 2024, South Africas National Health Laboratory Service NHLS reported that it was hit with a ransomware attack, which disrupted its systems, deleted backups, and stole 1.2 terabytes of data in the middle of dealing an mpox outbreak. The breach also put millions of patients'sensitive medical data at risk. More recently, in January 2025, the South African Weather Service disclosed that its ICT-base systems were disrupted by an attack led by ransomware-as-a-service group RansomHub who have racked up hundreds of victims since they were first detected in early 2024.
Will AI ever dream or imagine? Our Editor explores the possibilities.