While Africa’s digital landscape is expanding at a rapid pace, the region’s lack of adequate measures and procedures to prevent cybersecurity has led to a rise in cyber threats. Cyberattacks in Africa are becoming more common and sophisticated, posing a threat to the region’s crucial information infrastructure and necessitating immediate action to bolster defense measures in the continent. The frequency of cyberattacks targeting government agencies and organizations has been increasing in Nigeria, and in other African countries.
The rise in cyber threats has been especially significant in Africa, with Mauritius ranking 6th, Nigeria 11th, Morocco 15th, and Kenya 25th in terms of being targeted and attacked. South Africa is positioned at 55th place globally, as revealed by Check Point Software Technologies Ltd in its Global Threat Index for October 2023, which was published in November. The report highlighted a significant increase in Remote Access Trojan (RAT) attacks, specifically targeting government agencies and organisations in the Middle East and Africa. These attacks have now moved up to the second position in terms of frequency.
Formbook had the highest occurrence among malware.
Also, the report detailed the spread of the sophisticated RAT Agent Tesla, which was fueled by a new and complicated mal-spam campaign that spread malware via malicious email attachments. Cyberattacks of this type continue to be most common in the education sector, the report said. Rudi van Rooyen, a sales engineer at Check Point Software, warned that hackers’ advanced techniques of spreading malware, such as posing as credible firms or sending malicious attachments in emails, must be taken seriously. It’s important to have our guard up as we move into the holiday shopping season in November, he said.
Cyber criminals are capitalizing on the surge in online shopping activity, affecting regions worldwide, including Africa. Last month, the cyber security firm revealed that Formbook had the highest occurrence among malware, affecting 3 percent of organizations worldwide. Following closely behind were NJRat and Remcos, each with a global impact of 2 percent. Emphasizing their influence on the continent, the company stated that Formbook is an Info-stealer designed for the Windows OS and was initially discovered in 2016.
Remcos impact in Africa has been relatively minimal.
Due to its effective evasion strategies and low pricing, it is sold as Malware as a Service (MaaS) on dark web hacking communities. FormBook harvests credentials from multiple online browsers, takes screenshots, monitors and tracks keystrokes, and can download and execute files according to directions from its C&C. It has a relatively small effect in South Africa (3%), but a sizable one in Kenya (16.9%) and Nigeria (9.2%). The remote access Trojan NJRat, which has previously focused on Middle Eastern government agencies, is currently experiencing rapid expansion in Africa.
Meanwhile, Remcos spreads via malicious Microsoft Office documents attached to SPAM emails. It is built to circumvent Microsoft Windows User Account Control (UAC) security and execute malware with elevated permissions. While its global presence is indeed a cause for concern, its impact in Africa has been relatively minimal. Communications, ISP/MSP, banking, and government and military are the most often targeted businesses across the continent. Recently, a cyber criminal group known as Anonymous Sudan attempted to disrupt the network of MTN Nigeria as a form of protest against Nigeria position on the coup in the Republic of Niger.
Hacktivist group poses a threat to the nation’s vital information.
Another warning was issued recently by the National Information Technology Development Agency via its Computer Emergency Readiness and Response Team in regards to hacking activity aimed at government agencies uncovered by the agency’s dedicated security division. It warned that the hacktivist group, renowned for its politically and religiously driven cyberattacks, poses a serious threat to the nation’s essential information infrastructure. The evolution of the region’s digital domain clearly lags behind that of its enforced cyber security regulations. The consequences of not addressing cyber threats affect not only individuals and companies, but also the continent’s economic and social progress as a whole.