Cybercriminals are capitalising on newly opened portals and systems to infiltrate campuses and exfiltrate prized data as African universities race to embrace online learning and digital administration, according to a report by KnowBe4.
Microsoft’s latest Cyber Signals report ranks the education sector as the third most targeted globally, with African higher education institutions among the region’s most vulnerable.
In recent months, Tshwane University of Technology in South Africa has fallen victim to a significant breach that saw unknown actors siphoning personal records and confidential research material.
Meanwhile, in Morocco, hackers exploited vulnerabilities in the online master’s degree platform at Abdelmalek Essaadi University, prompting administrators to scramble urgently for patches and damage control. Such incidents underscore the ease with which cybercriminals can exploit legacy software and under‑resourced IT departments.
Universities hold vast repositories of sensitive information, ranging from student identification details to proprietary research outputs and intellectual property. Their open‑access culture, which encourages collaboration across continents, only amplifies risk, as thousands of staff and students share networks and credentials. In many institutions, email systems remain a weak point, with staff and learners alike still unfamiliar with the tell‑tale signs of phishing and spoofing attacks.
Educational establishments in South Africa’s Mpumalanga province endured crippling link‑based ransomware campaigns that encrypted administrative files and student databases, leaving faculties unable to process graduations or issue transcripts for weeks. In the Eastern Cape, similar assaults forced schools offline for months at a time, as leaders deliberated over whether to acquiesce to extortion demands paid in cryptocurrency or rebuild their systems from scratch.
Experts warn that constrained budgets and ageing infrastructure leave African HEIs with little margin for error.
“Many universities continue to run unsupported legacy systems simply because upgrades are prohibitively expensive,” says Dr Ifeoma Eze, a Lagos‑based cybersecurity consultant.
“Without dedicated funding for modern defences and regular staff training, institutions will remain easy prey for increasingly sophisticated attackers.”
To counter the tide, institutions are urged to embed cybersecurity into every facet of campus life. This includes enforcing multi‑factor authentication for all log‑ins, instituting robust data‑handling protocols, and providing regular, role‑specific training for administrators, lecturers and students.
By adopting internationally recognised frameworks such as those issued by the US National Institute of Standards and Technology, universities can benchmark their defences and systematically close gaps before they are exploited.
KnowBe4 also added that Artificial intelligence tools can also monitor network traffic in real time, flagging irregular patterns and isolating potential intrusions before critical systems are compromised. Such proactive defences, when combined with a human‑centred approach that emphasises security awareness and behavioural interventions, promise to shift the balance back in favour of institutions.
“As Africa’s digital learning revolution gathers pace, the stakes have never been higher. With cyber threats evolving daily, only a concerted effort involving universities, governments, technology vendors and security experts will safeguard the integrity of the continent’s education systems and preserve the trust of students, staff and research partners alike,” the report said.