Malware is rife across Africa with various countries exhibiting strong growth in all malware types in the first half of 2021, when compared to the same period last year. This is a 5% increase in the region, as cybercriminals and hackers continue to focus on African countries considering digital transformation advancements and the increase in remote working resulting from the COVID-19 pandemic.

This is according to recent research by Kaspersky which stated that overall, four countries account for 85 million attacks, with South Africa being the most targeted (32 million attacks), followed by Kenya (28.3 million), Nigeria (16.7 million) and Ethiopia (8 million).

All countries but Kenya saw the relative growth of all malware attacks. Ethiopia and Nigeria have seen an increase of 20% and 23% respectively and South Africa an increase of 14%, while Kenya’s number of attacks decreased by 13%.

Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa.

Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa, “Even though the scourge of malware has always been of concern, the past 12-months have highlighted how hackers are refocusing their efforts to compromise consumer and corporate systems and gain access to critical data and information. Given the growth of digital transformation across Africa since last year, the continent has become an attractive target for those looking to exploit a lack of user education and cybersecurity understanding. This has contributed to the large number of personal devices still not having any form of cybersecurity software installed.”

“Malware can get onto a device in several ways. For example, clicking on an infected link or advert, opening an attachment in a spam email, or downloading a compromised app. This means proactive malware protection is essential to safeguard individual users and corporates against these threats,” adds Opil.

Ransomware challenge

Charlie Luis, Research Manager: Security and Software for Sub-Saharan Africa at IDC.

Charlie Luis, Research Manager: Security and Software for Sub-Saharan Africa at IDC says the security landscape has evolved at speed, introducing increasingly sophisticated methods of attack that are succeeding more often than ever before.

“Those determined to penetrate an organisation’s defences and security infrastructure are becoming more resourceful and successful,” he adds. “This increase in attacks and the changes to how the world now works lives and connects, calls for organisations to adopt new security strategies at speed. This is the time to shift focus, to change security gears, and to ensure that every part of the organisation is protected, from the top right down to the end-user.”

The cybersecurity threat landscape is not introducing anything new. It’s still data breaches, social engineering attacks, critical infrastructure attacks, hacks, and ransomware, but these are evolving in their complexity and capability. The attackers are also using artificial intelligence (AI) and machine learning to streamline and power their tools. They are also using intelligent threat vectors and smart tools to catch the unwary and fool the systems. It’s a war that wages back and forth between the security system and hackers, and it cannot be won with complacency.

“The threat faces organisations of all sizes, not just enterprises, and more than 71% of security breaches are financially motivated which makes ransomware one of the most popular in South Africa right now,” says Luis. “Our ransomware attacks are second only to the USA and it looks like these are unlikely to slow down any time in the near future.”

Ransomware is a challenge, one that requires infrastructure and training to mitigate. Another is the reality that many organisations have critical security misconfigurations that they are not aware of thanks to the new reality of managing across cloud and hybrid environments and on-premise environments and applying different rules to each. This significantly increases the security risk and the challenge to the organisation. Then, let’s not forget the pandemic.

“The past 18 months have shone a spotlight on the limitations of current systems based on standard methods of security,” says Luis. “With most people working from home, the pandemic required that IT resource access was changed as well as how it was secured for users and clients. This is further complicated by the fact that many companies were at different stages of their cloud strategies when the virus hit so their jump online differed from application to system to solution. This meant that security also moved with the business and this hasn’t always been an easy move to make.”

Cybercriminals took advantage of this disruption and the unexpected vulnerabilities that arose as a result of rapid moves to cloud infrastructure. The rushed procurement of IT products and services to accommodate a fresh and shiny remote working landscape meant that many companies rushed their security – they had to keep the lights on, virtual or not, to ensure they stayed in business. Some kept security in place, some dodged one or two security steps, some side-stepped their security systems entirely. Most opened up new vulnerabilities and introduced significant risks.

“Today, security is more than system and end-user, it is an ongoing process of identifying and assessing and defending from all risks,” says Luis. “The list is endless but the basics should always include strong antivirus and web filtering software, strong password policies, multi-factor authentication, vulnerability assessments, system patches, data backups, and updated systems.”