Recent cyberattacks on Senegal’s national treasury underscore the widening vulnerability of African institutions to cybercrime. As various countries across the continent rapidly digitize, the challenge of fortifying defenses against hackers and fraudsters has become increasingly daunting.
Publication date: 2026/05/15 – 16:59
3 minutesreading time
This week, Senegal experienced its third cyberattack against public institutions within a mere six months. On May 10, the government confirmed a significant “incident” affecting the IT systems of the Ministry of Finance, prompting users to report ongoing disruptions for several days. Media reports revealed that the hackers claimed responsibility and threatened to leak 70 gigabytes of sensitive data.
In October 2025, cyber extortion group Black Shrantac targeted the website of the Senegalese tax authority, claiming to have extracted approximately 1 terabyte of data and demanding a ransom of $10 million. Earlier, in January 2026, hackers identifying themselves as the Green Blood Group attacked the Ministry of Interior’s department responsible for issuing identification cards, alleging they stole 139 terabytes of data encompassing identity records, biometric data, election information, and immigration files. Some of this information has reportedly surfaced on the dark web.
According to cybersecurity experts, Senegal is not an isolated case; it reflects a broader trend in Africa. Gerard Joseph Francisco Dacosta, a cyber defense expert based in Dakar, noted that Senegal’s prominence in soccer, alongside the discovery of oil and gas resources and political transitions, has rendered it an appealing target for emerging cybercriminal groups seeking visibility.
Increasing Cybercrime Across the Continent
Cybercrime has surged across Africa in recent years. In 2024, the Bank of Uganda faced a cyberattack that led to the theft of nearly $17 million in deposits. A few months later, a cyber incident at South Africa’s National Weather Service took critical systems offline, disrupting air and marine forecasts region-wide.
Currently, organizations in Africa contend with an average of 2,940 cyber attacks weekly, a figure approximately 700 higher than the global average, according to research by cybersecurity firm Check Point. Their April Global Threat Intelligence report indicated that the financial services, government, and consumer goods sectors are the most targeted.
Lorna Hardy, Check Point’s regional director for Africa, pointed out that rapid digitization and varying levels of cybersecurity maturity have made the continent increasingly vulnerable to cyber threats.
Widespread Impact on Individuals and Organizations
The prevalence of mobile money services has heightened the risk of cybercrime, not only for individuals but also for organizations. Experts warn that the threat landscape is evolving, particularly with the advent of artificial intelligence. Check Point has identified AI deception as the “fastest growing threat.” Fraudsters now utilize deepfake audio and video technology to manipulate users into authorizing payments, while AI tools reduce the cost and time required to execute attacks.
Interpol’s Africa Cyber Threat Assessment Report 2025 indicates that cybercrime constitutes over 30% of all reported crimes in West and East Africa. The report highlights that online fraud is the most common attack, followed by ransomware, business email compromise, and digital sextortion.
In a notable effort to combat this issue, Interpol coordinated a three-month operation across 18 African nations in 2025, resulting in the arrest of 1,209 cybercriminals who targeted approximately 88,000 victims. Dubbed Operation Serengeti 2.0, the operation also recovered $97.4 million and dismantled 11,432 malicious infrastructures.
Challenges in Cyber Defense
Security expert Dacosta emphasizes the pressing need for countries in Africa to enhance their resilience against cyberattacks, focusing on detection, damage limitation, and swift recovery. He notes that levels of cyber resilience vary significantly across the continent.
Some nations, like Morocco and Rwanda, have begun implementing protective measures that include advanced antivirus solutions, endpoint threat detection, and next-generation firewalls. Dacosta argues that African governments must invest in a comprehensive approach to cybersecurity, stressing the importance of developing sovereign cyber defense capabilities.
He advocates for a multi-faceted strategy that encompasses clear governance, modern legal frameworks, extensive cybersecurity training, regional cooperation, and the safeguarding of critical infrastructure. Furthermore, he highlights the necessity of establishing cybersecurity operations centers and national cyber emergency response teams to facilitate real-time attack detection.
