Read time: 3 minutes

Cybersecurity threats in Africa and keeping users safe

By , Founder and CEO of IS Decisions
Africa , 13 Oct 2020
François Amigorena,  founder and CEO of IS Decisions.
François Amigorena, founder and CEO of IS Decisions.

Africa is growing quickly in terms of population, economy, and global influence. Technology adoption continues to rise in Africa. However, with this growing prosperity and digitisation comes new risks and vulnerabilities that could undermine progress.

In order for African organisations to continue to grow and realise their full potential, it’s vital to implement effective security initiatives to stop the rising tide of cyber threats.

Why is Africa an attractive target?

In today’s world, to acquire new capabilities, increase efficiency and/or reduce costs, companies need to adopt new technologies. It allows one company to move quicker and more surely than their competitors. However, with each new application comes a need to secure users, data and the environment that the solution integrates into.

For Africa, the problem is that companies are often seen as an easy target for cybercrime. The common issue is because of a ‘lack’ of something.

• Lack of resources: companies don’t want to invest in something that might necessitate updating the whole infrastructure, updating storage or updating the operating system. A lack of local legislation –such as GDPR - also doesn’t ‘force the issue’ as it often has in other parts of the world.

• Lack of expertise: IT is becoming more and more complex. Companies have partners and supply chains that extend far beyond the traditional network perimeter and make things even harder to defend.

• Lack of information and training: Many companies don’t have a large IT team that can keep up with new legislation, best practice or have the time to even help improve employee’s own security awareness.

• Lack of time: Businesses are understandably focusing on being operational day to day, so they can serve customers to keep the business going and pay the staff working.

Three main cyber-threats in Africa

Ransomware attacks

Ransomware has become increasingly dominant in recent times and continues to evolve. Never before have companies in Africa been subjected to extortion on such a massive scale as they are today. And while there have been a number of high-profile cyber-crime arrests made by law enforcement over the past few years, cyber criminals continue to evolve and diversify their arsenal. Key preventative and proactive measures such as two-factor authentication are needed to provide additional layers of defense against ransomware

Phishing due to poor security awareness

The sophistication of some attacks and tactics used by cyber criminals demonstrates how vulnerable users are. In Africa, many phishing attacks have happened in the past few year. For example, some attacks impersonated tax officials in an attempt to trick people into downloading malicious email attachments. In their simplest form, many scams still rely on the poor security habits from users to succeed.

Password sharing

Once again, this is about your users being the weakest link in your organisation. But you shouldn’t blame the user. Users are human, they are flawed, careless and often exploited.. For example, in South Africa, a study revealed that 52% share passwords and 51% know the password to an account or system that is not their own.

How to overcome these threats?

Taking into consideration the lack of resources, time and expertise for many companies in Africa, you need to find a simple and affordable solution to make sure you keep your users secure.

The simplest and most common activity to every cyber-threat action is the logon. Nearly all threat actions require a logon. Whether we’re talking about endpoint access, lateral movement between endpoints, external access via VPN, remote desktop access, or more, they all share the common requirement of a logon.

For most employees the only security protecting access is a password, and once the attacker has it they can easily bypass most companies security controls. So your goal is to address the vulnerabilities of the password and to make sure it doesn’t get compromised.

The concept of enhanced logon security centers around five primary functions:

• Two-Factor Authentication – Address the vulnerabilities of passwords by verifying the identity of all your users to secure access to your network.

• Policy & Restrictions – Establish who can logon when, from where, for how long, how often, and how frequent. By restricting simultaneous sessions to one per user, you can stop password sharing.

Real Time Monitoring – Every logon is monitored and tested against existing policies to determine if a logon should be allowed or not.

IT and End-User Alerting – Notify IT and the user themselves of inappropriate logon activity and failed attempts. The user will know if this activity is appropriate or not.

Immediate Response – Allow IT to interact with a suspect session, to lock the console, log off the user, or even block them from further logons.

Thanks to enhanced logon security, the ability to successfully logon becomes more that just whether the right credentials are used and users are responsible for their actions.

Companies in Africa need to urgently address efforts to combat cyber-crime and improve their cyber security posture. The current cyber threat landscape in Africa shows that users are being impacted both by threats that are trending globally, as well as some that are more specific to the region.

Despite all the awareness around cybersecurity, users will always make mistakes, which is why it’s your job to protect their logons from their own behaviour.

Daily newsletter