by MTHULISI SIBANDA
JOHANNESBURG, (CAJ News) – NEC XON has issued a critical alert about the dual threat of massive credential theft and artificial intelligence (AI)-powered cyber attacks sweeping across the continent.
This cybercrime now officially ranked as the top business risk in South Africa.
With rising incidents and evolving threat tactics, NEC XON is calling on organisations to rethink security from a static, reactive necessity to a strategic, AI-driven business imperative.
“Credentials have become the skeleton key to an organisation’s digital assets,” said Armand Kruger, Head of Cybersecurity at NEC XON.
The official disclosed the company had uncovered over 10 000 compromised South African credentials on the dark web during recent client assessments.
“That’s not just a statistic—it’s an open invitation to attackers.”
These credentials are harvested using malware known as credential stealers, which infect devices such as smartphones and computers to extract all stored login information.
Cyber adversaries use these stolen credentials to access services such as online banking and other consumer platforms, take over accounts, and cause significant harm.
According to the IBM 2024 Cost of a Data Breach Report, compromised credentials are now the most common entry point for attackers in South Africa, responsible for 17 percent of breaches and costing companies an average of R56 million per incident.
Mimecast’s 2024 research shows that 40 percent of breaches are caused by human error—often through phishing and stolen passwords—yet only 22 percent of companies provide ongoing cybersecurity training.
Kruger explained that in several vulnerability assessments, NEC XON traced stolen credentials to South African domains and active infrastructure—with no multi-factor authentication in place.
“It’s like leaving the front door open and being shocked when someone walks in.”
According to the World Economic Forum Artificial Intelligence and Cybersecurity Report (2025), AI has democratised cybercrime, giving attackers tools to scale up phishing campaigns, automate social engineering, and develop adaptive malware.
NEC XON confirms this shift.
“Cybercriminals are no longer working harder—they’re working smarter with AI,” said Kruger.
The Kaspersky IT Security Economics Report (2025) echoes these concerns, revealing a 26 percent rise in password-stealing malware across Africa in 2024.
Picus Labs’ Red Report 2025 noted a 300 percent surge in credential theft.
NEC XON is a leading African integrator of technology solutions and part of NEC, a Japanese global company.
– CAJ News