BY ANTONY MUTUNGA
A majority of individuals have gone digital, and businesses have integrated technology as well. This has been both a blessing and a curse: while technology has helped some businesses expand and grow in leaps and bounds, cybercriminals have been giving those who have not invested in cybersecurity sleepless nights.
Kaspersky detected 10,722,886 phishing attacks in Africa in Q2 2022, with Kenya, South Africa and Nigeria the most affected countries. Kenya was the hardest hit, with 5,098,534 attacks detected in three months, a growth of 438% compared to the previous quarter. It was followed by South Africa (4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of 174%).
It is also interesting that in Q2 Africa once again faced an increasing number of cyber-attacks, mainly in the form of backdoor malware. According to Kaspersky, the number of backdoors detected increased, posing a general challenge to government and private players.
South Africa recorded the most significant increase in backdoor detections from Q1 to Q2, up 140% to 11,872 cases, with the share of affected users rising by 10%. Nigeria’s backdoor detections also recorded a significant increase of 83% to 2,624 cases, with the share of affected users increasing by 24%. In Kenya, the number of detections increased in Q2 to 10,300 (a 53% increase from Q1), and the share of users affected by backdoors increased by 11%.
Backdoors are seen as the most dangerous malware used by cybercriminals because they hand the attacker remote administration of a victim’s machine. Unlike legitimate remote administration utilities, backdoors install, launch and run invisibly, without the consent or knowledge of the user.
As a result, once a backdoor is installed, a hacker can easily execute, send, receive and delete any file, whether confidential or just raw data, and access log activity in the system. Backdoors enable long-running, unnoticed cyberespionage campaigns, which may result in significant financial and reputational losses.
Recently, a backdoor known as SessionManager was detected. It was responsible for various attacks not only on governments but also on non-governmental organizations around the world. The malware was set up as a module within Internet Information Services (IIS), the web server developed by Microsoft. It gave the hacker access to a wide range of malicious activities, from collecting emails to complete control over the victim’s infrastructure.
What can tech and non-tech players do to contain such formidable malware?
To avoid being affected by the growing number of cyber-attacks, organizations in Africa and beyond, as well as individuals, should invest in up-to-date cybersecurity structures. With the world shifting to digital, that is the clear path to minimizing cyber risks.
According to Amin Hasbini, head of the Global Research and Analysis Team (GReAT), Middle East, Türkiye and Africa region at Kaspersky, corporate systems should be constantly audited and carefully monitored for hidden threats. Gaining insights into active cyberthreats is paramount for companies to protect their assets, and threat intelligence is the only component that can enable reliable and timely anticipation of complex backdoors.
It is important for organizations to focus on strategies that detect lateral movement and data exfiltration to the Internet, and to pay special attention to outgoing traffic in order to detect cybercriminal connections. As always, it is critical to back up data regularly and make sure you can quickly access it in an emergency. These are practices that Africans need to normalize if they are to survive the digital era.
The writer is an accountant working for The Nairobi Law Monthly, a sister paper of the Nairobi Business Monthly.