Africa is the new hotspot for cybercriminals, according to a report by research firm Checkpoint. A survey across five regions showed that the continent experienced the highest number of cyber attacks in 2021. Weekly cyberattacks on organizations increased 13 percent from 2020, to about 1,582.
Kenya recorded the second-highest number of cyberattacks in Africa, trailing Nigeria, with 32.8 million attacks in the first half of 2021.
The figures demonstrate a rise from the number of threats recorded last year during the same period when Kenya recorded the lowest percentage of attacks at 15.9. Nigeria had the highest number of threats at 24.6 percent while South Africa cam second with 16.6 percent.
“Threats can be categorised as criminal (80% of attacks), targeted (19.9%), and advanced (0.01%). The advanced grouping is significantly more sophisticated and feature increased investment from attack groups.” Amin Hasbini, Head of Research Centre, Global Research & Analysis Team, Middle East, Turkey and Africa at Kaspersky said.
The three countries recorded about 81 million attacks in total, signifying increased threats for users around the globe.
“Unfortunately, both criminal and targeted threat vectors learn from the advanced category to enhance their own attack techniques.”
According to Habini, the report indicates that cyber attackers have developed more sophisticated techniques to circumvent security systems and data. He says they have now diversified their cast net and are now focusing on non-microsoft environments, infecting firmware and executing high-profile attacks bringing in a lot of money.
“Our research shows that the most threatened industries common across these three countries are government and telecommunications, with diplomatic, education, and healthcare also being cause for concern.”
The Check Point analysis showed that the education sector suffered the highest attacks, with an average of 1,605 attacks per organization per week, a 75 percent increase from 2020.
The government and military sectors experienced 1,136 attacks per week, up 47%, followed by the communication business, which saw 1,079 attacks per week, up 51%.
Gen V assaults, which are a combination of a wide range of threats, large-scale attacks, and a broad attack surface, are one of the major difficulties facing security practitioners, according to the report.
Kaspersky further warns that with the rollout of 5G, cybercriminals are likely to take advantage of the vulnerabilities to instigate ransomware using generic mallard with increased demand for more money.
“Of course, the growth of 5G across Africa means hackers have a new platform to exploit. Furthermore, advanced threat actors will buy network access from other cybercriminals. This will also result in increased collaboration between these cybercriminals and cyber gangs as they look at more effective ways of achieving their objectives.”
“Different gangs will also start specialising in tools and other methods to better advance penetration. As people and companies rely more on technology, the number of threats will continue to increase. People must accept the risks of living a connected lifestyle and embrace the technology and tools available to safeguard themselves,” adds Hasbini.
The report offered a number of recommendations to curb the menace
Organizations should invest in a unified and cohesive protection infrastructure that provides comprehensive and faster protection, as opposed to a security architecture comprising pieces that do not align.
Organizations should look for a single solution that can cover all attack surfaces and vectors in order to achieve effective coverage.
Organizations can avert assaults by applying security patches. Cyberattacks get access to networks by exploiting known vulnerabilities for which a patch is available but has yet to be implemented. Security patches must always be maintained and up-to date across all systems and software to operate effectively.
Networks should be segregated, with strong firewall and intrusion prevention systems (IPS) in place between the segments. This prevents viruses from spreading throughout the network.
Organizations should train and educate its users to spot and report unusual occurrences to ICT to avert threats.
Integration of Security Tools
There is no one-size-fits-all solution that can defend businesses from all risks and attack vectors. Machine learning, sandboxing, anomaly detection, and content disarmament are just a few of the fantastic tools and ideas accessible.