Ethiopia is currently the most vulnerable country in the world to malware attacks, according to an assessment from a senior Israeli cybersecurity expert. Government entities and critical infrastructure, including the Grand Ethiopian Renaissance Dam (GERD) and the telecommunications sector, have been repeatedly targeted.
At an Executive Cybersecurity Workshop organized by the Ministry of Innovation and Technology and the Ethiopian Cyber Security Association, in collaboration with the Embassy of Israel, Andrew Pelled, Vice President of the cybersecurity firm Cyber Integrity, discussed the severe challenges facing Ethiopia. He noted the rapid expansion of digital services, stating, “The population is very large, but the services are growing. With more digital services come more risks, attacks, and challenges.”
Pelled referenced an INTERPOL assessment that ranked Ethiopia first globally for malware attack detections in 2024. He indicated that the country faces a risk four times higher in critical sectors such as government, telecommunications, banking, and national infrastructure, including essential services like electricity. He explained that there is a significant gap between the pace of digital adoption and the implementation of robust security measures. “As we encounter more challenges, we must implement solutions quickly and securely,” he added.
The primary cyber threat vectors in Ethiopia are phishing, ransomware, distributed denial-of-service (DDoS) attacks, Business Email Compromise (BEC), and mobile fraud, with critical infrastructure and financial institutions being frequent targets.
Drawing on over fifteen years of experience in cybersecurity and digital resilience, Pelled reported that in the first half of 2024 alone, Ethiopia experienced 4,623 attacks on banks. “These attacks ranged from sophisticated fraud attempts to large-scale credential theft operations, jeopardizing the stability of the financial ecosystem,” he stated.
He also highlighted the scale of DDoS attacks, noting that 40 billion attempts were recorded against telecom networks in just 14 days, threatening nationwide connectivity and causing significant service degradation. Attacks on critical national assets are another major concern, with many ministries and the GERD facing sophisticated attempts aimed at data theft, service disruption, and the compromise of operational technology/industrial control systems (OT/ICS).
Phishing remains the primary method for initial compromise in Ethiopia. “Threat actors are using AI-generated texts and sophisticated impersonations of trusted entities—such as local banks and government ministries—to deceive users,” Pelled explained.
Ransomware has also emerged as a significant threat to financial organizations, focusing on encrypting data and sensitive information. “These attacks lead to severe operational downtime, financial loss, and reputational damage,” he noted, adding that recent incidents indicate a shift toward “double extortion,” where attackers threaten to leak data if the ransom is not paid.
Israeli Ambassador to Ethiopia, Avraham Neguise, emphasized that as Ethiopia undergoes an impressive digital transformation—expanding e-government services, fintech, digital infrastructure, and innovation ecosystems—safeguarding digital assets is increasingly critical.
“Israel is proud to partner with Ethiopia on its journey toward a secure and innovative digital future. Our two countries share a long-standing relationship based on mutual respect, friendship, and practical cooperation,” he stated. “Over the years, Israel and Ethiopia have collaborated in areas such as agriculture, water management, health, and education. More recently, this cooperation has extended into the realms of digital technology, high-tech, and innovation, reflecting the evolving needs of modern economies.”
He underscored that Israel is globally recognized as a leader in cybersecurity.
