17-04-2025
Kaspersky: Morocco Ranks High Among Top Targets for Cyberattacks in Africa
Doha – Cybersecurity giant Kaspersky has revealed Morocco ranks among Africa's most frequently targeted countries for digital attacks. The findings, presented at GITEX Africa 2025 — which concluded yesterday in Marrakech — draw attention a surge in threats across the continent.
The report, based on anonymized data from Kaspersky Security Network, places Morocco third among African countries facing web-based threats, with 12.6 million attack attempts documented in 2024.
Kenya tops the list with nearly 20 million incidents, while South Africa follows with approximately 17 million.
Web threats targeting African businesses jumped 1.2% compared to 2023, with over 131.5 million total threats detected regionwide this year.
On-device threats have climbed 4% in African organizations since last year. Morocco features prominently among countries experiencing this increase, alongside Senegal, Nigeria, South Africa, and Ethiopia.
Data theft threats have spiked dramatically across the continent. Spyware attacks on African businesses surged 14% between 2023 and 2024, while password stealer detections soared by 26%.
Kenya, Morocco, and South Africa recorded the highest number of password-stealing attempts, followed by Tanzania, Namibia, Uganda, and Senegal.
'Africa's rapid digital expansion has brought significant opportunities, but it has also exposed the continent to a growing array of cyberthreats,' warns Maher Yamout, Lead Cybersecurity Researcher with Kaspersky's Global Research and Analysis Team.
Yamout pointed to hybrid work arrangements and rushed digitization as key vulnerabilities in the business sector. 'The continuing shift toward hybrid work models and the rush to digitize operations — often outpacing cybersecurity investments — may leave African businesses exposed to advanced persistent threats,' he explained.
Experts warn of systemic risks
The report emerges amid Morocco's most serious cybersecurity crisis in years. The National Social Security Fund (CNSS) recently suffered a devastating breach that exposed the salary information of approximately 2 million individuals across 500,000 companies.
The Algerian hacking group 'JabaRoot DZ' claimed responsibility for the attack.
The breach triggered an unprecedented security lockdown across government digital infrastructure. Multiple ministries and public administrations shut down their online platforms as a preventive measure.
The direct housing assistance platform closed first, followed by websites for the Ministry of Education, General Secretariat of Government, and the Mediator Institution. Morocco's tax department also suspended its digital services.
Morocco's Center for Monitoring, Detection and Response to Computer Attacks identified the source as a critical security flaw in the WordPress 'SureTriggers' module, widely used by institutional websites.
This vulnerability allows hackers to bypass security protocols and access sensitive data. The danger lies in its ability to create automatic interconnections with hundreds of third-party applications like Google, Facebook, Slack, and Gmail, giving cybercriminals access to sophisticated chain attacks.
The CNSS incident has sparked intense debate about cybersecurity governance in Morocco. Security experts argue the breach likely resulted from both human error and technical vulnerabilities.
Many government agencies still use outdated operating systems from 2011, which no longer receive security updates and leave networks highly vulnerable to attack.
The Maghreb country has also experienced a wave of retaliatory attacks, including distributed denial-of-service (DDoS) campaigns.
Most recently, the Algerian group DDOS54 launched what they described as a 'major campaign' against Moroccan government systems, affecting several ministerial websites including the Agriculture Ministry portal and the national tax portal.
Security experts recommend government institutions implement regular penetration testing, with at least 50 tests performed every six months.
They also advocate establishing a national cybersecurity center to work alongside the existing General Directorate of Information Systems Security (DGSSI) to better coordinate Morocco's digital defenses.
Despite these challenges, Morocco ranks relatively well in global cybersecurity standings. The country is classified among 'vigilant actors' in the fight against financial crime according to the 2025 Global Economic and Financial Crime Index, placing 75th out of 177 countries with a score of 2.14 points.
For organizations, Kaspersky recommends keeping all software updated, limiting exposure of remote desktop services, implementing comprehensive endpoint detection solutions, utilizing threat intelligence, and maintaining regular data backups.
'Organizations in Africa should prioritize a unified approach by enhancing collaboration, investing in specialized cybersecurity training, and promoting digital literacy to effectively combat the rising tide of cybercrime,' Yamout concluded.
Read also: Morocco Ranks Among Top Five Arab Nations in Global Cybersecurity Index 2024 Tags: cyberattacksCybersecurity in MoroccoGITEX Africa 2025Kaspersky
