ABIDJAN, Côte d’Ivoire – 22 May 2025 – The National Agency for the Security of Information Systems of Côte d’Ivoire (ANSSI-CI) has unveiled its 2024 Report on the State of Cybercrime in Côte d’Ivoire and a new Practical Guide on Securing Information Systems: Legal Aspects, during the inaugural edition of the Journées du Droit Numérique (JDN – Digital Rights Days). This release marks a major step in West Africa’s digital security governance and underscores the region’s proactive stance on combating cyber threats.
Held under the theme “Law and Digital for All: Building a Trustworthy Digital World”, the JDN conference was initiated by Côte d’Ivoire’s Ministry of Digital Transition and Digitalisation. The opening session featured ANSSI-CI’s Deputy Director General highlighting the agency’s core missions. This was followed by expert presentations from:
- Carole Lepregnon, Director of Audits and Compliance at ANSSI-CI
- Commissaire Mamadou Fofana, Director of Investigations and Operational Support
- Commissaire Marcellin Dougba, Head of PLCC (Platform for the Fight Against Cybercrime)
- Dr. Ibrahim Coulibaly, Legal Digital Consultant
Each presented key insights from the report and legal guide, fielding questions from a packed auditorium of national and international stakeholders.
Key Findings from the 2024 Cybercrime Report
The report highlights a concerning spike in cybercrime across Côte d’Ivoire in 2024, notably:
- Over 8,500 reported incidents, a 35% increase from 2023
- Social engineering and SIM swapping as dominant vectors
- A surge in ransomware, financial fraud, and WhatsApp impersonation schemes
- Growing use of encrypted apps for cybercriminal coordination
- Notable rise in business email compromise (BEC) and attacks targeting government portals
“The sophistication and scale of attacks are evolving rapidly, and Côte d’Ivoire is no longer just a victim—it’s increasingly a strategic target,” warned Commissaire Fofana during his address.
Practical Legal Guide for Digital Ecosystem Security
The Practical Guide to Information System Security – Legal Aspects aims to equip public and private stakeholders with actionable legal and governance strategies. It focuses on:
- National cybersecurity regulations
- Digital evidence preservation standards
- Risk-based compliance frameworks
- Public-private collaboration models
- Incident response and judicial procedures
Dr. Coulibaly emphasized:
“Security cannot exist without the law. This guide demystifies the legal responsibilities of all digital actors in securing their environments.”
MEA Relevance: A Regional Call to Action
Côte d’Ivoire’s efforts resonate across the Middle East and Africa, where digital transformation is accelerating amid mounting cyber threats. Unlike many African nations, ANSSI-CI has consistently issued structured annual reports and guides—positioning itself as a regional cybersecurity governance leader.
- Nigeria’s NITDA and Ghana’s CSA have launched similar frameworks, but Côte d’Ivoire’s approach is notable for its integration of law enforcement, technical audits, and legal education in a single policy track.
- Countries in the Gulf Cooperation Council (GCC) are also rolling out national threat intelligence centers and legal reforms to better align with international standards such as the Budapest Convention.
Global Parallels and Policy Implications
Globally, the ANSSI-CI initiative mirrors trends in Europe and Asia, where national cybersecurity strategies now increasingly include legal capacity-building and judicial cooperation.
- France’s ANSSI published its annual threat review in March 2025, noting a 60% increase in data exfiltration via phishing and zero-click exploits.
- In Singapore, the Cyber Security Agency (CSA) recently launched mandatory risk disclosures for critical information infrastructure (CII).
These converging trends underline the importance of cross-border policy harmonization and legal readiness in deterring and responding to transnational cybercrime.
Expert Reactions
“This guide is a game-changer for francophone Africa. It gives CISOs a much-needed legal compass to accompany their technical defense strategy,” said Yann Le Borgne, West Africa Director at INTERCERT.
“ANSSI-CI has set a standard for transparent, multi-stakeholder cybersecurity policy. Their work should inspire similar efforts in emerging economies,” added Dr. Hadiza Bello, Research Fellow in Digital Governance at the University of Pretoria.
Box: Notable TTPs and Threat Vectors in Côte d’Ivoire (2024)
| Tactic | Technique | MITRE ATT&CK ID |
|---|---|---|
| Initial Access | Phishing via WhatsApp | T1566.002 |
| Persistence | SIM Swap-Based MFA Bypass | T1576 |
| Credential Access | Keylogging in Cyber Cafés | T1056.001 |
| Command & Control | Use of Encrypted Messaging Apps | T1573.002 |
| Impact | Ransomware Deployment via USB | T1486 |
Actionable Takeaways for Cyber Defenders and Executives
- Update staff awareness training to reflect current phishing and social engineering methods (training).
- Conduct legal compliance audits based on the new ANSSI-CI guide.
- Segment networks and limit admin rights to reduce ransomware exposure.
- Collaborate with national CERTs and law enforcement on reporting mechanisms.
- Review data retention policies in alignment with Côte d’Ivoire’s legal framework.
- Implement anti-SIM swap measures, including carrier-side PIN protections.
- Document digital evidence handling procedures for regulatory investigations.
- Encrypt sensitive data at rest and in transit, especially in mobile contexts.
- Apply threat intelligence feeds to enhance SOC detection capabilities.
- Benchmark practices against neighboring countries for regional harmonization.
Conclusion: A Regional Model Worth Watching
Côte d’Ivoire’s ANSSI-CI has taken a bold and necessary step in addressing the dual technical and legal dimensions of cybersecurity. By offering both a comprehensive threat report and a legal practice guide, it provides a replicable framework for nations facing rising cybercrime and fragmented policy landscapes. As digital rights and cybersecurity converge, Côte d’Ivoire is poised to become a cybersecurity best-practices leader in West Africa and potentially beyond.
Sources
- ANSSI-CI official website
- Ministry of Digital Transition and Digitalisation (Côte d’Ivoire)
- Budapest Convention on Cybercrime
- MITRE ATT&CK Framework
- INTERCERT Africa Cyber Intelligence Review 2025
- CSA Singapore Cyber Threat Landscape 2025
- NITDA Nigeria 2024 Annual Cybersecurity Report
- CyberCory – Cybersecurity Trends and Best Practices
- Saintynet – Security Services and Awareness Training
