African countries have increasingly become focal points for cyber threats, according to the latest data from the Kaspersky Security Network.
The continent features prominently in the global top 100 for online threats, with Kenya ranked 35th, Nigeria 50th and South Africa 82nd.
In the first quarter of 2023, Kaspersky reported that backdoor and spyware attacks were the most common threat types in South Africa, amassing 106,000 attack attempts.
Similar attack attempts were observed in Nigeria, totalling 46,000, while the same attacks peaked at 143,000 in Kenya.
However, in Kenya, exploits emerged as the most dominant form of attack with 177,000 incidents blocked.
Examples include legacy, old and forgotten devices, IoT devices, network equipment, printers, cameras, and even coffee machines.
In the year to date, 1.6 million zombie machines have been detected in South Africa and 300,000 in Kenya.
“Criminal attacks are mainly driven by the pursuit of financial profit, whereas advanced attacks indicate how cyber threat actors continually adapt their tactics and tools to breach security measures. A significant portion of the attacks witnessed across Africa are shaped by the rapidly changing geopolitical landscape. However, a growing concern is that cybercriminals are learning from successful advanced attacks to refine their craft,” said Dr Amin Hasbini, head of the global research & analysis team for META at Kaspersky.
In his presentation, Hasbini flagged several ransomware groups setting their sights on African targets.
He said: “Threats to critical infrastructure, financial institutions, government entities, and service providers have predominated the cyber threat landscape over the past year. We have witnessed different threat actors target various businesses across industries.”
In response to these increasingly sophisticated cyber threats, Kaspersky advised businesses to adopt a multi-layered defensive strategy.
The company said: “This is where extended detection and response (XDR) solutions become essential – they analyse data not only from end-points, but from other sources.
“XDR introduces another layer of protection, as attacks on infrastructure can occur through any entry point. XDR also adds analytical and automation functions for the detection and elimination of current and potential threats.
“Furthermore, continuous security awareness training for employees and real-time access to intelligence on the latest attack methods should supplement any cybersecurity strategy.”
Hasbini added: “Businesses should consider leveraging advanced technologies, such as threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response features.
“It is vital to understand that cyber security measures are an ongoing endeavour – and that there is no universal solution to secure a corporate network or data.”