Cyber-attacks are increasingly becoming a constant threat for businesses across the globe and particularly in Africa.
Cybercriminals find Africa an attractive scene to stage the attacks because many firms have yet to invest adequately in anti-hacking measures. Various reports indicate that various African countries, Kenyan among them, have in the recent past witnessed a surge in cases of cyber attacks
Kenyan has had to deal with over 1,400 cyberattacks every week over the last six months, a report by cyber security firm Check Point has revealed.
Data from the Check Point Research Threat Intelligence Report for Kenya highlights how widespread the problem in the country is and how it could become worse next year, with the global average number of weekly attacks being 870.
“It’s alarming to think that Kenyan businesses are dealing with almost 540 more weekly cyber-attacks than their peers across the globe,” Pankaj Bhula, Check Point’s Regional Director for Africa told Digital Business.
“This signals an urgent need for Kenya’s businesses to take a proactive approach to cybersecurity solutions, while focusing on companywide education on security hygiene to keep users and the business safe online.”
This year has seen a 29 percent rise in cyberattacks against businesses across the world but in Africa, this growing threat is driven by an increase in users accessing the internet, creating a larger pool of targets for online criminals.
The report further indicates that Kenya’s connected population nearly reached 22 million users in January 2021, a figure likely to have grown as pandemic lockdowns forced many business and government services online.
The study shows that email is the prevailing vector for malicious-file delivery in Kenya, being the origin point for 70 percent of attacks over the last month.
With social engineering attacks over email on the rise, the survey warns that businesses must double down on efforts to drive cybersecurity awareness if they are to survive in 2022, a year when the country will hold General Elections.
“Over the same period, there has been a surge in the exploitation of vulnerable infrastructure with 69 percent of Kenyan organisations being affected by Remote Code Execution (RCE),” the report says. In an RCE attack, a cybercriminal gains remote control of a device and sensitive data stored on it.
The report also notes that malware attacks affected 13 percent of businesses in the country, calling on companies of all sizes to prepare a proper budget for cyber security.
Of the most common malware, which includes botnets and crypto miners, Check Point identified one backdoor that was responsible for the bulk of Kenyan-business cyberattacks.
Called Floxif, the malware penetrated IT systems of local businesses, and globally, it managed to infect over 2 million users in 2017, including large tech companies.
From a global perspective, the public sector falls within the top five industries most targeted in cyber-attacks, with government and military organisations experiencing 1,229 cyber-attacks per week on average.
“In Kenya, this figure is a staggering 2,765. However, globally, financial institutions experience a weekly average of 760 cyber-attacks, while in Kenya, the number of attacks is slightly lower at 745,” the study shows.
While it is encouraging to see Kenya’s financial players are navigating security more efficiently than many of its global peers, the number of weekly attacks remains high, creating a stumbling block in ensuring financial inclusion and economic stability for Kenya’s population.
On December 14, 2021, Google asked its 2.6 billion Chrome users to update the browser urgently to fix a "critical" bug that was being exploited by hackers.
The update also fixes a further four security bugs and failure to install it could lead to hackers using the bugs to run a dangerous code on your machine, hijacking your online life.
A separate study by Kaspersky last month shows that the increase in cyber threats recorded in the first half of this year in Kenya amounted to 32.8 million.
Compared to similarly prominently targeted countries in Africa, the recorded number was at par with South Africa accounting for 31.5 million, and nearly double the number recorded in Nigeria at 16.7 million.
“Threats can be categorised as criminal (80 percent), targeted (19.9 percent), and advanced (0.01 percent). The advanced grouping is significantly more sophisticated and features increased investment from attack groups,” said Amin Hasbini, Head of Research Centre, Global Research and Analysis Team, Middle East, Turkey and Africa at Kaspersky.
He added that both criminal and targeted threat vectors learn from the advanced category to enhance their own attack techniques.
Current trends show that attackers around the world are embracing more sophisticated methods to compromise systems and data. For instance, they are looking at non-Microsoft environments, infecting firmware, and even embarking on ‘big game hunting’ exercises focused on high-profile targets with lots of money.
The most dominant threat actors on the continent identified by Kaspersky include Lazarus, DeathStalker, CactusPete, and IamTheKing, with ransomware becoming a significant threat vector targeting users and organisations locally.
Kaspersky also warns of 5G vulnerabilities, targeted ransomware gangs using generic malware and more disruptive attacks along with more money demands, threatening and blackmailing.
For 2022, the growth of 5G across Kenya means hackers have a new platform to exploit. Kaspersky warns that advanced threat actors will buy network access from other cybercriminals.
“This will also result in increased collaboration between these cybercriminals and cyber gangs as they look at more effective ways of achieving their objectives. Different gangs will also start specialising in tools and other methods to better advance penetration,” says Mr Hasbini.
“As people and companies rely more on technology, the number of threats will continue to increase. People must accept the risks of living a connected lifestyle and embrace the technology and tools available to safeguard themselves.”
Check Point advises that businesses, big and small, must invest in IT security infrastructure, taking a proactive rather than reactive approach to cybercrime.
To maintain business operations, these organisations will need comprehensive intelligence to proactively stop threats by monitoring networks and have a proper incident response in place to quickly respond to and resolve any attacks
“Employees must be vigilant about phishing emails and avoid accessing unsecured websites. They must only use trusted Wi-Fi networks and should consider adopting a password manager so they can use different, strong passwords when accessing various websites,” the cyber security firm advises.
It calls on businesses to ensure that they are using the latest updates of their security software, web browsers and operating systems, noting that updates are how developers deliver vulnerability fixes to protect against attacks.