International Cybersecurity

Cyber Capabilities in Africa – Between Growth and Cyber Threats

Cyber Capabilities in Africa – Between Growth and Cyber Threats

Hybrid threats such as espionage, disinformation, election interference, and cyberattacks on critical infrastructure are increasing and becoming ever more sophisticated. Due to the progressive digitalization of state and societal structures, it is foreseeable that the dangers posed by cyberattacks will continue to grow in the future. This requires states in particular to prioritize cybersecurity as a national priority and to build a robust cyber architecture. While major powers such as the US or China are investing continuously more resources in developing cyber capabilities, the question arises of how states with resource constraints are coping with growing cyber threats. After all, vulnerability is particularly pronounced here:

Africa in the Focus of Increasing Cyberattacks

Among the top 20 countries most affected by cyberattacks worldwide, no fewer than eight are African states, including Ethiopia (1st place), Ghana (16th place), and Zimbabwe (5th place). African states are disproportionately affected by cyberattacks, yet they often possess limited defensive capabilities. This makes it particularly easy for authoritarian states to access and exploit sensitive data, undermining the political and economic development of many African countries.

Evidence of the scale of cyber threats indicates that African states, in particular, are increasingly affected. In May 2025, Interpol documented in its “Africa Cyberthreat Assessment Report” that connectivity and digital innovation on the continent are growing, but so is the complexity of cross-border and increasingly sophisticated cyber threats. Cybercrime is reportedly responsible for a medium to high share of documented criminal offenses. In West and East Africa, the share is even above 30%. The dominant threats include malware, particularly ransomware, and online fraud such as phishing. Ransomware attacks in particular represent a significant financial burden, affecting countries such as South Africa and Egypt.

The Global Cyberthreat Index (GCI) by the International Telecommunication Union (ITU) also impressively demonstrates that, in a global comparison, African countries such as Ethiopia, Zimbabwe, Angola, Uganda, Nigeria, Kenya, Ghana, and Mozambique are particularly vulnerable to cyber threats. In Zambia alone, cases of online fraud increased by 2,900 percent in 2024 compared to the previous year. Kenya also recorded over 4.5 billion cyberattacks between April and June 2025, an increase of 80.7 percent compared to the same period in 2024. Thereby, the telecommunications, financial, and government infrastructure sectors were particularly affected.

Challenges in Building Capabilities

In security policy circles, it is often said that “every country can develop cyber capabilities today” – in practice, however, this is not equally achievable for all countries. Building cyber capabilities requires considerable financial, technical, and institutional resources. This creates a dilemma, particularly for developing countries: on the one hand, building national cybersecurity structures and architectures incurs high costs; on the other hand, cyberattacks also cause significant financial damage due to inadequate or absent protective measures. Developing countries and institutionally fragile states are therefore particularly vulnerable in cyberspace, while simultaneously having fewer resources to implement protective measures. According to the Global Cybersecurity Index 2024, 132 countries have a cybersecurity strategy, while 62 states – predominantly developing countries – do not yet have one. Furthermore, the maturity of national IT security in the Global South is often lower. Most African states find themselves in the middle to lower tiers of the GCI. These five tiers represent a spectrum from very high (Tier 1) to still rudimentary (Tier 5) levels of state cybersecurity commitment. Ethiopia, Botswana, and Nigeria, for example, demonstrate only minimal cybersecurity structures. Africa also faces a shortage of technical expertise, with a gap of 68,000 cybersecurity professionals. The capacities of law enforcement agencies are likewise uneven. Most African countries lack investigative competencies in cybercrime and sufficient digital infrastructure. Although some countries in Africa have established cybercrime units according to the Interpol report, these often operate with limited resources and staff. There are also fragmented legal frameworks and low ratification of international cybercrime conventions. In 2022, fewer than half of African countries – 23 out of 54 – had a national cybersecurity strategy.

Strategy is one thing; building operationally ready capabilities is another. These include, among others:

  • Human resources (e.g., IT professionals with technical expertise in cybersecurity, incident response, blue & red teaming, etc.)
  • Technological and material resources (e.g., suitable technical infrastructure, access to security technologies, and data centers)
  • Strategic and organizational resources (e.g., development of a national cybersecurity strategy, IT security regulation, such as certifications and audits, an adequate cybersecurity budget, and the establishment of a cybersecurity authority)

These resources are crucial for identifying and repelling cyberattacks and for building an effective cybersecurity landscape. Where state capacities, crisis management, and digital infrastructure are lacking, cyberattacks can have severe economic consequences.

International Cooperation and Existing Programs

In addition to shortcomings in strategic, human, and financial resources, African countries face a lack of access to international cooperation. Overall, only 14 African states have ratified the Budapest Convention on Cybercrime, and the African Union Convention on Cyber Security and Personal Data Protection (Malabo Convention) has so far been put into force by only 16 countries. The Malabo Convention obliges its member states, among other things, to develop national cybersecurity strategies. In addition, the UN Cybercrime Convention has been signed by a total of 21 African countries. This points to the continued low political priority African states do and can assert to cybersecurity.

Digital cooperation between the EU and Africa has a long tradition, but in the area of cybersecurity, it remains comparatively fragmented. While numerous projects already exist, their focus is often more on general digital transformation than on the systematic strengthening of cyber resilience. At the same time, cyber cooperation in particular offers considerable opportunities for both sides: both Africa and Europe face a significant shortage of IT professionals, which joint training and qualification initiatives could help alleviate. For Europe, the promotion of European digital standards would also be of strategic advantage, as it would contribute to establishing common international rules and secure digital spaces. Despite these potentials, existing approaches often remain underfunded, too small in scale, and insufficiently prioritized politically.

This is also reflected in existing projects. Programs such as “Cyber4Dev”, which was intended to strengthen cyber resilience in developing countries, expired in 2024. Another initiative is the EU-funded “Safe Digital Boost Africa” (2025–2027) project, which aims to develop a unified digital market in the East African Community and systematically strengthen digital governance, e-commerce, electronic payment systems, and cybersecurity.

Relevant approaches also exist within the framework of the “Global Gateway Flagship Projects.” For example, 820 million euros are to be invested in Nigeria’s digital transformation, including expanding cooperation in the areas of cybersecurity and data protection. By 2027, a total of around 150 billion euros is set to flow to Africa, but many of these initiatives rely heavily on private capital and are hard to control politically. Another flagship project in South Africa focuses on cybersecurity in national air traffic and navigation services, but remains limited to one sector.

Recommendations for Strengthening African-European Cyber Resilience

Although these initiatives are promising and show that cyber threats are increasingly regarded as a shared strategic challenge, they are insufficient. This blog thus provides the following recommendations that could strengthen cooperation between the EU and AU, as well as the cybersecurity architecture in Africa:

  • Building on existing capacity-building efforts such as those by UNIDIR, this proposal would go further by establishing a joint EU-AU Cyber Agenda in which European and African partners develop mutual priorities and strategies in the area of cybersecurity. This would involve inviting experts to document current cyber threats and cyber experts from think tanks, with a focus on developing cybersecurity strategies so that all African countries can build their own cybersecurity strategies. This Cyber Agenda could, for example, address deficits such as a lack of IT professionals, financial support, weak law enforcement, and insufficient data. With the agenda, basic requirements could be established for countries that continue to be affected by cyberattacks.
  • The establishment of an EU-AU Cybersecurity Coordination Hub could centrally coordinate early warning and information sharing, thereby strengthening transparency and the capacity for joint response. Since only a few cyberattacks are currently reported, strengthening reporting capacities would be crucial for joint operational capability. A formal statutory reporting obligation appears difficult to implement in many African states due to limited institutional capacities. Instead, the Cybersecurity Hub could support states with a low cybersecurity maturity level in building voluntary or sector-specific reporting systems that can gradually be developed into a regionally coordinated early warning system. This would allow transparency to be increased without overburdening national administrations.
  • Capacity building and sustainable financing are central prerequisites for greater cyber resilience in Africa. To address the pronounced shortage of skilled professionals on both continents, the EU and AU could expand joint training and exchange programs that simultaneously strengthen partnership relations. In addition, a more coordinated funding instrument would be helpful to support states with particularly low cyber maturity in building basic structures. An EU-AU Cyber Policy Fellowship could also be established as a complementary measure.

From Digital Inequality to Greater Shared Security

Against the background of the aforementioned goals, it becomes clear that reducing the existing cyber inequality between highly digitalized states and many African countries is not only necessary from a security policy perspective. A more balanced cyber landscape not only reduces the attack surface for criminal actors but also creates new opportunities for economic cooperation, technological innovation, and sustainable stability on both continents. Furthermore, if African cyber capabilities are strengthened, cases of cybercrime and fraud will decrease in the medium to long term, representing a gain for both Africa and Europe.

The expansion of resilient cyber architecture in Africa should therefore not be seen as a one-sided support project with a North-South dynamic, but as a shared strategic endeavor. It strengthens the digital sovereignty of African states, creates new spaces for economic development, and at the same time contributes to global risk reduction. Reducing cyber asymmetry is thus not only a security policy necessity, but a central building block for forward-looking, mutually beneficial cooperation. The time for joint action has come.

Lena