South Africa ranked 26th on Check Point Software Technologies’ global risk ranking Threat Index for Q1 2016.
At the end of the first quarter of 2016, South Africa climbed the list of most attacked countries with a ranking change of 26 places from the end of 2015, in an index where the higher the ranking the greater the threat of cyber-attack. In the preceding year, the country ranked at 52.
Developing and African nations are highly represented in the upper rankings of the index, including Namibia and Malawi in second and fourth spots respectively, and Nigeria at 16th position.
“South Africa’s rise in ranking shows that the range and volume of attacks that organisations face has continued to grow in the first quarter of 2016, highlighting the challenges they face in securing their networks,” says Doros Hadjizenonos, country manager at Check Point Software Technologies South Africa.
“Security professionals cannot rest on their laurels, as we are seeing a lot of movement month to month for many of the countries on the index. It is important to stay vigilant, and work towards advanced preventative and automated threat responses.
“This is especially important as devices proliferate, and we blur the lines between work and personal devices,” he says. “Mobile is increasingly the focus of targeted attacks, and unsecured personal devices on an enterprise network can become vulnerabilities for the entire system.
“Organisations will need to prepare for this in their security strategy, applying the same level of security as required by traditional networks and PCs.”
Trend analysis from the Check Point Threat Index in Q1 2016 (January to March 2016) revealed a startling growth in mobile malware which, for the first time, ranks as one of the 10 most prevalent attack types affecting corporate networks and devices globally.
The previously-unknown HummingBad agent – which was only discovered by Check Point in February – was a large contributor to this, ranking as the seventh most common malware detected targeting corporate networks and devices in the month of its discovery, and claiming the sixth top spot in March.
Hummingbad targets Android devices specifically, facilitating malicious activity such as installing a key-logger, stealing credentials and bypassing encrypted email containers used by companies, allowing for interception of corporate data.
Check Point identified more than 1 500 different malware families during January, 1 400 in February and 1 300 in March. At the end of the quarter, the Virut, Dorkbot and Conficker families were the three most commonly-used malware variants in South Africa.
The decrease in the variety of malware families reflects a concentration trend, rather than a decrease in volume, and is perhaps an indicator of the sophistication of the threat environment: cyber criminals do not need to develop entirely new malware; rather it is often sufficient to make small changes to existing families to circumvent security.
Check Point’s threat index is based on threat intelligence drawn from its ThreatCloud World Cyber Threat Map, which tracks how and where cyberattacks are taking place worldwide in real time.
