According to the most recent data from the Kaspersky Security Network (KSN), cyber threats have increasingly focused on Nigeria, which is currently ranked 50th globally for online threats, South Africa, which is ranked 82nd, and Kenya, which is ranked 35th. At the first GITEX Africa conference, held recently in Morocco, Kaspersky gave a presentation on the realities of cyber threats in Africa.
In addition to discussing a number of cyberthreat trends, Dr. Amin Hasbini, Head of the Global Research & Analysis Team (GReAT) for META at Kaspersky, warned business and technology leaders about two main types of cyberattacks: criminal and advanced.
Criminal attacks are primarily motivated by financial gain, whereas advanced attacks show how cyber threat actors continuously modify their strategies and tools to circumvent security measures. The continually shifting geopolitical environment has a huge impact on the attacks that occur throughout Africa. However, there is rising concern that hackers are honing their skills by studying successful advanced attacks, according to Dr. Hasbini.
According to a Kaspersky analysis from the first quarter of 2023, backdoor and spyware attacks, which totaled 106,000 attack attempts, were the most frequent threat types in South Africa. Similar attack attempts totaled 46,000 in Nigeria, while attacks of this nature peaked at 143,000 in Kenya. However, with 177,000 events prevented, exploits became the most common type of attack in Kenya.
In addition, Kaspersky emphasized the rising number of “zombie machines,” or connected devices that join botnets. Examples include IoT devices, network equipment, printers, cameras, and even coffee makers. Legacy, outdated, and neglected devices are another example. There have been 300,000 zombie devices found in Kenya and 1.6 million in South Africa so far this year.
Dr. Hasbini’s presentation highlighted several ransomware groups targeting African organizations. The majority of cyber threats during the past year have targeted vital infrastructure, financial institutions, governments, and service providers. Different threat actors have been seen attacking diverse businesses across industries.
Businesses are encouraged to implement a multi-layered defense strategy in response to these increasingly complex cyber threats. Extended detection and response (XDR) solutions are crucial in this situation because they analyze data from a variety of sources in addition to endpoints. Because attacks on infrastructure might come from any entry point, XDR adds an additional layer of security. XDR also includes analytical and automation functions for detecting and eradicating present and future risks. Any cybersecurity strategy should also be supplemented by ongoing security awareness training for staff and real-time access to intelligence on the newest attack techniques.
According to Dr. Hasbini, businesses should consider using cutting-edge technologies like threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response capabilities. It is crucial to understand that cybersecurity efforts are ongoing and that there is no one-size-fits-all method to secure a corporate network or data.