Article summary
- A Kaspersky cybersecurity report shows that Nigeria is among the top 3 African countries facing a surge in online threats.
- The three countries from Africa are also among the top 100 in the world.
- Kaspersky advised businesses and technology leaders on the continent to adopt a multi-layered defensive strategy.
A cyber threats report by Kaspersky has revealed that Nigeria, South Africa, and Kenya are the top three African countries facing online threats.
According to the report, these 3 African countries featured prominently in the global top 100 for online threats. Kaspersky disclosed that while Nigeria, currently ranks 50th worldwide for online threats, South Africa ranks 82nd, and Kenya is 35th on the global list.
In the first quarter of 2023, Kaspersky reported that backdoor and spyware attacks were the most common threat types in South Africa, amassing 106,000 attack attempts. Similar attack attempts were observed in Nigeria, totaling 46,000, while the same type of attack peaked at 143,000 in Kenya. However, in Kenya, exploits emerged as the most dominant form of attack with 177,000 incidents blocked.
Kaspersky also highlighted the growing surge of zombie machines –connected device that becomes part of a botnet. Examples include legacy, old and forgotten devices, IoT devices, network equipment, printers, cameras, and even coffee machines. In the year to date, 1.6 million zombie machines have been detected in South Africa and 300,000 in Kenya.
Cyberthreat trends
Presenting the report at the just concluded inaugural GITEX Africa conference, held in Morocco, the Head of the Global Research & Analysis Team (GReAT) for META at Kaspersky, Dr Amin Hasbini, said:
- “Criminal attacks are mainly driven by the pursuit of financial profit, whereas advanced attacks indicate how cyber threat actors continually adapt their tactics and tools to breach security measures. A significant portion of the attacks witnessed across Africa are shaped by the rapidly changing geopolitical landscape. However, a growing concern is that cybercriminals are learning from successful advanced attacks to refine their craft.”
Dr. Hasbini’s presentation also flagged several ransomware groups setting their sights on African targets.
- “Threats to critical infrastructure, financial institutions, government entities, and service providers have predominated the cyber threat landscape over the past year. We have witnessed different threat actors target various businesses across industries,” he said.
What businesses need to do
In response to these increasingly sophisticated cyber threats, Kaspersky advised businesses to adopt a multi-layered defensive strategy.
- “This is where extended detection and response (XDR) solutions become essential – they analyse data from endpoints and other sources. XDR introduces another layer of protection as attacks on infrastructure can occur through any entry point. XDR also adds analytical and automation functions to detect and eliminate current and potential threats. Furthermore, continuous security awareness training for employees and real-time access to intelligence on the latest attack methods should supplement any cybersecurity strategy.
- “Businesses should consider leveraging advanced technologies such as threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response features. It is vital to understand that cyber security measures are an ongoing endeavor – and that there is no universal solution to secure a corporate network or data,” Dr. Hasbini added.