With digital transformation a top priority on the corporate agenda as companies identify new ways to grow their business, cyber attackers and opportunist cybercriminals remain very active. And although Africa is not necessarily considered a focus area for the more sophisticated types of cybercriminal activity such as targeted attacks or advanced persistent threats (APTs), the continent is certainly not immune to these or other types of cyber risks, warn Kaspersky researchers.
When looking at the general cyberthreat landscape as it impacts consumers and businesses, Kaspersky research shows that in 2020, worldwide, approximately 10% of computers experienced at least one malware attack. Interestingly, in some African countries, including South Africa, the figure was only slightly under the global 10% average, making the African region comparable to that of North America or Europe in terms of cyberattacks. On some parts of the continent, in countries like Liberia Tunisia, Algeria and Morocco as examples, Kaspersky has seen a slightly higher rate, while other parts show a lower rate – a 5% or 6% average. For the first quarter of 2021, the figures are only slightly lower than 10%, both in relative and absolute terms.
Says David Emm, Principal Security Researcher at Kaspersky, says: “Generally speaking, and based on our research, Africa has the same hit rate as we would see for other parts of the globe when it comes to cyberattacks and activity. This only emphasises that the cyber threat landscape truly does incorporate the whole globe where no continent or country is free of this growing danger and where all consumers, businesses and industries alike need to pay attention to effective cybersecurity measures – and especially during the current pandemic and resultant turbulent times.”
No respite in an evolving cybercrime landscape
In South Africa, Kenya and Nigeria, Kaspersky’s research has identified the top malware families as ransomware, financial/banking trojans, and crypto-miner malware. When comparing the first quarter of 2021 with the second quarter of 2021, Kaspersky saw a 24% increase in ransomware in the second quarter of 2021 in South Africa, as well as an increase of 14% in crypto-miner malware. In Kenya and Nigeria, Kaspersky saw a large increase in financial/banking trojans in the second quarter of 2021 when compared to the figures for the first quarter of 2021 – a 59% increase in Kenya and a 32% increase in Nigeria.
While on a technical level, not much has changed when it comes to cyberattacks, what is different is that the pandemic presents a persistent topic in which the world has a vested interest in. So, unlike the Olympics or Valentine’s Day which are limited in terms of a timeline, the pandemic offers a wealth of opportunities for cybercriminals to use malware to attack. Everything from the daily numbers and lockdown restrictions to vaccinations, hackers are leveraging on every aspect of the current situation to compromise systems.
“While the bulk of attacks are still speculative and randomly targeting individuals and businesses, there is a shift happening with the increase of APTs and more strategically targeted based attacks. These use continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period, with potentially destructive consequences. Because of the time and effort required to perpetrate such an attack, these are often levelled at high value targets, such as nation states and large businesses,” adds Emm.
Furthermore, another concern is that as the cyberthreat landscape evolves, the nature of malware is changing.
Continues Emm: “Take ransomware as an example. In the beginning, it was very random targeting as many people as possible hoping for a relatively small amount of money paid in ransom. During the past five years, there has been a shift with a decline in the number of ransomware families being developed as well as an overall global decline in attacks. However, attackers are now focusing on specific companies and individuals where they can get the maximum benefit. The new approach of ransomware is to expose data, negatively impacting the reputation of a company. To this effect, financial crime has become more sophisticated and organised.”
Financial institutions a top targeted industry
The financial services sector remains a top targeted industry in Africa when it comes to cybercriminal activity and such cyberthreats – not surprising when one considers the digital first approach this sector continues to take, driven by the needs and expectations of its customers.
“It is relatively easy for a hacker to target an individual and capture passcodes, one-time passwords, and install malware on their computers to get financial information. Increasingly, this is expanding to financial institutions given the sheer number of new entrants in the market emerging. For hackers, online or cyber fraud offers direct monetisation of an attack and gives them access to money as quickly as possible,” adds Emm.
Financial based malware and cyberattacks are also becoming more targeted, complicated, and difficult to prevent, and with digital transformation progressing at a rapid rate within such a sector, there is no shortage of attack surfaces for cybercriminals to exploit.
“In a world where cybercrime remains rife and is only fuelled by aspects like the pandemic, there is never a moment one should not consider the implications of a cyberattack, especially as the cyberthreat landscape evolves and become even more targeted and sophisticated than it was a mere few years ago. Cybercrime is a business. This means that consumers and companies alike must remain vigilant against an increasing attack surface. Not only does this entail a more focused cyber training approach for staff within an organisation, but also using the latest technologies that feature artificial intelligence and machine learning for accurate and proactive protection and prevention in real-time,” concludes Emm.