There’s been a 48% surge in cyberattack volumes globally, since March 2020, with sudden increases in cyberattack volumes corresponding to spikes in Covid-19 infection rates in April and October.
In sub-Saharan Africa there was a 41% increase in cyberattacks from 2019 to 2020, according to a new Mimecast’s new, “The year of social distancing”, which details the extent to which organisations have been targeted by cyberattackers during the pandemic.
Brian Pinnock, Mimecast cybersecurity expert, comments: “We’ve noted how criminals are using various topics around the pandemic to trick users into risky behaviour. Our threat intelligence team has provided data for sub-Saharan Africa to accompany the global report and they noted an increase in detections in malicious activity every month in 2020 compared to 2019.
“Detections include impersonation, known and unknown malware, spam and blocked clicks.”
Mimecast data for sub-Saharan Africa shows:
* The number of detections across all attack types doubled between November 2019 and November 2020;
* Detections in September 2020 was 66% higher year-on-year;
* Detections in December 2020 were 72% higher year-on-year; and
* February, March and May 2020 saw 50% increases in detections across all attack types.
“This week marks one year since South Africa went into lockdown, on 26 March 2020,” Pinnock says. “Interestingly, Mimecast researchers found a massive increase in blocked clicks in sub-Saharan Africa in March and April last year. March jumped up by 124% from February detections, while April saw a 99% increase from March.
“This is significant as everyone in the country was confined to their homes, spending more time online and eager for information and therefore more likely to click on links.
“Alarmingly, the first two months of 2021 saw and even greater increase in blocked clicks, with an eight-fold increase (888%) in January 2021 compared to January 2020, and an eighteen-fold year-on-year increase (1802%) in February 2021.
“This is telling as it highlights the major difference between the beginning of 2020 where the pandemic had not yet reached our shores and the beginning of 2021 where the country was back in level 3 lockdown and had retreated back to their homes.
“The African region’s widespread use of and reliance on mobile technology may also be significantly impacting clicking behaviour, as the display of URLs on a mobile device is often cut down in the user’s view, making it easier for cybercriminals to trick end-users in the region,” Pinnock adds.
The Mimecast report noted that cyberattackers took advantage of the pandemic to launch a torrent of Covid-19-themed social engineering attacks, knowing that people were under stress working in a home environment and therefore more likely to be deceived or make mistakes.
“Threat actors also employed a ‘flood the zone’ strategy targeting security operations centres,” explains Pinnock. “With security analysts stretched thin, cybercriminals saw opportunity in overwhelming them with a high volume of threats to increase the likelihood their attacks would slip through organisational defences.”