Africa in Cloudflare’s 2026 threat report

CybAfriqué is a space for news and analysis on cyber, data, and information security on the African continent.

HIGHLIGHTS

Africa in Cloudflare’s 2026 threat report

We have a running exercise at CybAfrique: judging whether a threat report repeats familiar talking points about Africa or actually offers something new. Most reports contain at least one interesting insight, but occasionally you come across one that offers several. Cloudflare’s latest report is one of those. 

It still contains some familiar talking points. Africa is identified as a major region for cybercrime, including financial fraud and high-trust exploitation. As seen globally, critical sectors such as manufacturing, healthcare, and energy are experiencing rising ransomware and disruptive attacks. 

The report confirms that Chinese state-sponsored threat actors have taken a strategic interest in diplomatic and economic targets on the continent, particularly those linked to infrastructure projects and trade agreements. The report also observed Russian-aligned groups using African-based infrastructure (VPS hosting, IP addresses, etc) when launching campaigns against Western targets. Africa remains both a source and a target for sophisticated phishing-as-a-service operations that exploit "relay blind spots" to deliver high-trust impersonation attacks, as recent warnings from Ethiopia’s INSA confirm. 

At the global level, the report highlights changes in TTPs, including the use of AI-powered Phishing-as-a-Service (PhaaS) bots that deliver highly calibrated BEC campaigns. The scale of infrastructure-level threats has reached a point where human-led mitigation no longer seems a viable option. In 2025, Cloudflare recorded a world-record hyper-volumetric DDoS attack of 31.4 Tbps launched by the Aisuru botnet, nearly six times larger than the previous year's peak. Because these attacks reach full intensity within seconds and typically last less than ten minutes, they require fully autonomous, AI-driven defence systems capable of making millisecond decisions at the network edge. 

FEATURES

• Africa’s mobile money boom leaves users vulnerable to cyber crime

• The shadow of France: Orange telecom's controversial grip on the Central African Republic

HEADLINES

• Vodafone teams up with Amazon's satellites to connect masts in Europe and Africa

• Ghana’s communication minister urges full compliance with data protection act

• Why Ghana’s goal of 70% 5G coverage by 2027 may be virtually impossible

• Meta AI glasses record data of users and send it to Kenya

• Sovereign data, empowered citizens: Kenya’s roadmap to a data‑driven society

• Tanzania notes limited access, cybersecurity as critical gaps in the ICT sector

• Morocco showcases digital and cybersecurity ambitions in Madrid

• SES brings satellite connectivity to refugees in Chad

• Gabon in talks with Meta and TikTok over social media ban

ACROSS THE WORLD

• Western allies form 6G security coalition amid tech rivalry with China

• Iranian drone strikes hit Amazon data centers in Gulf, disrupting cloud services

• LexisNexis says hackers accessed legacy data in contained breach

See you next week!