What Are Cyber Threats
π₯ Opening Hook
The word “cyberattack” conjures images
of hooded figures in dark rooms
typing furiously at multiple screens.
The reality is far more mundane β
and far more dangerous.
Most cyberattacks begin with an
ordinary email, a familiar-looking
website, or a simple phone call.
They succeed not because attackers
are technical geniuses β but because
most people have never been taught
what to look for.
You are about to be taught.
ββββββββββββββββββββββββββββββββββ
- What Is a Cyber Threat?
A cyber threat is any malicious
attempt to access, disrupt, manipulate,
or exploit digital systems, networks,
devices, or the data they contain.
Cyber threats are carried out by:
β Individual criminals seeking
financial gain
β Organised criminal groups
operating at scale
β State-sponsored actors targeting
governments and infrastructure
β Insiders β employees or contractors
misusing their access
β Opportunistic attackers using
automated tools to exploit
any vulnerability they can find
The targets range from individuals
and small businesses to multinational
corporations and national governments.
No one is too small to be targeted.
No one is too obscure to be found.
ββββββββββββββββββββββββββββββββββ
- What Attackers Are After
Understanding what attackers want
helps you understand what to protect.
The most common objectives:
Financial gain:
β Stealing money directly from
bank accounts or payment systems
β Ransomware β encrypting data
and demanding payment for its release
β Selling stolen data on criminal markets
β Fraud using stolen identities
or payment details
Data theft:
β Personal information β names,
addresses, identification numbers
β Login credentials β usernames
and passwords
β Financial data β card numbers,
account details
β Organisational data β client
records, strategic plans,
intellectual property
Disruption:
β Taking down websites, systems,
or services
β Disrupting critical infrastructure β
power, water, hospitals
β Damaging an organisation’s
reputation or operations
Espionage:
β Stealing government or
corporate secrets
β Monitoring communications
of specific individuals
β Gaining competitive or
strategic advantage
ββββββββββββββββββββββββββββββββββ
- The Cyber Threat Landscape
Globally and in Africa
Cyber threats are a global problem β
but they manifest differently
in different contexts.
Globally:
β Financial institutions, healthcare
organisations, and government
agencies are among the most
frequently targeted sectors
β Ransomware attacks have disrupted
hospitals, schools, and public
services in multiple countries
β Data breaches at major corporations
have exposed the personal information
of hundreds of millions of people
β Supply chain attacks β targeting
software providers to reach
their clients β are growing in
sophistication and frequency
In Africa:
β The rapid growth of mobile money
and digital banking has created
significant new attack surfaces
β Mobile money fraud and SIM swap
attacks are among the most
prevalent threats across the continent
β Many organisations lack mature
cybersecurity infrastructure β
making them attractive targets
β Growing internet adoption among
populations with limited digital
security awareness increases
individual vulnerability
β African cybersecurity talent and
policy frameworks are developing β
but the threat landscape is
evolving faster
This context matters because it
shapes the specific threats you
are most likely to encounter β
whether you work in Lagos, Nairobi,
London, or anywhere in between.
ββββββββββββββββββββββββββββββββββ
- The Three Vectors of Attack
Most cyber attacks reach their
targets through one of three vectors:
Vector 1 β Technical vulnerabilities
Exploiting weaknesses in software,
hardware, or network configurations.
β Unpatched software with known
security flaws
β Misconfigured servers or
network devices
β Weak encryption or outdated
security protocols
Vector 2 β Human behaviour
Manipulating people into taking
actions that compromise security.
β Clicking malicious links
β Revealing passwords or
sensitive information
β Installing malicious software
β Granting access to unauthorised individuals
Vector 3 β Physical access
Gaining physical access to devices,
networks, or facilities.
β Stolen or lost devices
β Infected USB drives
β Accessing unattended unlocked screens
Of these three vectors β human
behaviour is consistently the
most exploited.
Not because people are careless.
Because attackers are sophisticated
at exploiting entirely normal human
tendencies β trust, urgency,
curiosity, and helpfulness.
ββββββββββββββββββββββββββββββββββ
β‘ Power Insight
Cybersecurity is fundamentally
a human problem β not a technology
problem. The most sophisticated
security systems in the world
can be bypassed by a single
uninformed click. Understanding
the threat landscape is the first
and most important step in becoming
a professional who makes their
organisation safer β not more vulnerable.
ββββββββββββββββββββββββββββββββββ
βοΈ Quick Action Challenge
β‘ Takes 5 minutes:
Think about the last week of
your digital activity.
Ask yourself:
β Did I receive any emails or
messages that seemed slightly
off β unexpected, urgent,
or from an unfamiliar source?
β Did I click any links without
checking where they led?
β Did I connect to any public
Wi-Fi networks and access
sensitive accounts?
You do not need to do anything
with the answers right now.
Just notice them.
Awareness is always the first step.
π Want to go deeper?
The African Union has published
a Cybersecurity Framework for Africa
β available at au.int. Reading the
executive summary gives you a clear
picture of where the continent
stands on cybersecurity β and
where the gaps remain.
ββββββββββββββββββββββββββββββββββ
π Sources & Further Reading
- African Union β
Cybersecurity Framework for Africa
au.int/en/cyberecurity - INTERPOL β
African Cyberthreat Assessment Report
interpol.int/en/Crimes/
Cybercrime - World Economic Forum β
Global Cybersecurity Outlook
(updated regularly)
weforum.org/reports - ENISA β
Threat Landscape Report
(updated regularly)
enisa.europa.eu/topics/
cyber-threats - ITU β
Global Cybersecurity Index
(updated regularly)
itu.int/en/ITU-D/Cybersecurity
ββββββββββββββββββββββββββββββββββ
π Key Takeaway
Cyber threats are not abstract
or distant. They are happening
continuously β targeting ordinary
professionals in ordinary situations.
The professionals who understand
what those threats look like and
how they work are infinitely harder
to compromise than those who do not.
That understanding starts here.