Cybersecurity Threats on the Rise in Benin: Official Report Details Growing Concerns

Cybersecurity Threats on the Rise in Benin: Official Report Details Growing Concerns

In a significant step towards bolstering digital security, Benin's Agency for Information Systems and Digital (ASIN) has presented the country's first national cybersecurity report at the 2025 Cyber Africa Forum (CAF) in Cotonou. The report, which covers data from 2021 to 2024 and analyses vulnerabilities and incidents across public institutions and critical infrastructure operators (OIIC), sheds light on the current state of cybersecurity in Benin and offers recommendations to improve digital resilience.

Over the three-year period, a total of 878 recorded vulnerabilities were identified. Among the most common cyber incidents were Malware Infections (23 cases), Website Hacking (12 cases), Botnet Attacks (7 cases), and SQL Injection (18 cases), which affected databases. Sensitive Information Disclosure (26 cases) involved data leaks, while Broken Authentication (24 cases) was due to login flaws. Remote Code Execution (RCE) (23 cases) enabled external attackers to run malicious code.

The most impacted sectors were Public Service (326 cases), Finance (155 cases), and the Digital sector (117 cases). The audit findings revealed wide disparities in compliance with Benin's State Information Systems Security Policy (SSIE), with compliance levels across institutions ranging from 6% to 87%.

The event was co-moderated by Marc-André Loko (ASIN Director General) and Ouanilo Médegan Fagla (Director General of the National Center for Digital Investigations). Speaking at the forum, Marc-André Loko emphasized the need for cybersecurity to evolve in tandem with digital development, while Ouanilo Médegan Fagla stated that the report aims to raise awareness, inform national cybersecurity strategies, and provide practical recommendations to strengthen the country's information system defences.

The report attributes these incidents to outdated software, limited user awareness, and the absence of regular security patches. In light of these findings, the report recommends several key strategies to address vulnerabilities and improve digital resilience.

One of the key recommendations is the development and enforcement of comprehensive cybersecurity laws and regulations. Similar to the Gulf Cooperation Council countries' efforts, Benin would benefit from establishing baseline cybersecurity and data protection laws that also cover electronic transactions and industry-specific regulations to close critical regulatory gaps.

Another recommendation is strengthening national cybersecurity governance frameworks. Creating clear strategic objectives and priorities, as seen in national cybersecurity strategies of other countries, would help Benin coordinate efforts across public and private sectors and align its response to cyber threats.

Enhancing cyber incident response and resilience capabilities is also crucial. Developing robust incident response plans and resilience measures is necessary, including improving the detection, reporting, and management of cyber incidents to minimize disruption.

Capacity building and awareness programs are also emphasized in the report. Investing in cybersecurity education, training, and awareness campaigns to develop skilled personnel and informed users is typically emphasized in national reports to reduce vulnerabilities from human error and insider threats.

International collaboration and intelligence sharing are also essential to address cross-border cybercrime effectively. To this end, Benin would need to engage in regional and international partnerships, leveraging shared threat intelligence and cooperative mechanisms, akin to ECOWAS initiatives in West Africa.

Finally, the report recommends focusing on protecting digital infrastructure and critical sectors. Prioritizing protection for key industries and critical infrastructure through tailored cybersecurity measures helps build resilience against targeted attacks, as seen in more mature cybersecurity ecosystems.

While the exact text of Benin's report is not available, these recommendations align with best practices from similar national cybersecurity strategies and reports in the region and globally and are likely reflected in Benin's first national cybersecurity report. For more detailed, specific recommendations, consulting the official report or related ECOWAS documentation would be necessary.

In addition, the report highlighted the increased cybersecurity risks associated with Benin's accelerated digital transformation. With 832 password breaches reported, the most notable in Finance (406 cases) and Public Service (226 cases), it is clear that addressing these vulnerabilities is of utmost importance for the nation's digital future.

1. The national cybersecurity report in Benin, presented at the 2025 Cyber Africa Forum, attributes many cyber incidents to outdated software.
2. One of the key recommendations in the report is the development and enforcement of comprehensive cybersecurity laws and regulations, similar to the efforts of Gulf Cooperation Council countries.
3. Enhancing cyber incident response and resilience capabilities is crucial, as recommended in the report, which suggests improving the detection, reporting, and management of cyber incidents.
4. International collaboration and intelligence sharing are essential, according to the report, to address cross-border cybercrime effectively, requiring Benin to engage in regional and international partnerships, leveraging shared threat intelligence and cooperative mechanisms.

Read also: