A combination of increasingly sophisticated propagation technologies and continued economic uncertainties resulting from the Covid-19 pandemic have seen the number of financial malware attacks reported in South Africa during the first half of 2021 increase by more than 10 400 over the comparative period last year, according to Kaspersky research.

“Of these attacks, 24% targeted corporate users. This makes financial malware attacks a significant cybersecurity risk facing the local market today across both the consumer and business sectors,” says Bethwel Opil, enterprise sales manager at Kaspersky in Africa.

Local organisations have become susceptible to financial malware as more employees work outside the relative safety of the corporate network. The normalisation of a distributed workforce makes ensuring the protection of the personal endpoint devices of people, who need to access back-end systems to continue performing their job functions, that much more critical. In addition to securing these devices, cybersecurity training of employees remains a key component to defend against the growing scourge of financial malware that uses phishing techniques to target individual users.

“This increase seen in financial malware attacks in South Africa reiterates the urgent need for cybersecurity awareness training programmes and substantiates our focus around this into the corporate landscape,” adds Opil. “What is also interesting to note and mention, is that Kenya and Nigeria, two other African countries that we monitor closely, show a different picture, having seen a decrease in financial malware attacks by 68% and 35% respectively. Ethiopia, on the other hand, has seen a staggering 142% increase in H1 2021. In my opinion, this makes it difficult to pinpoint a particular targeted country or sector at any specific time. In fact, it reiterates our message that malware, and other cybercrime, is a global, persistent problem that needs to be protected against.”

Some of the best practice that must be employed include having employees only install applications from reliable sources, such as official app stores. Even so, they must always examine the permissions the application requests. If these permissions do not match the intended function of the programme, then it must be questioned and brought to the attention of the IT administrator. Companies and consumers alike must also install trusted security solutions on all their devices connecting to the Internet to help safeguard against a range of financial cyber threats. And throughout this, it remains important to ensure all software have the latest security patches and updates installed.

Beyond the fundamental cybersecurity solutions and training, companies must consider using the likes of anti-advanced persistent threat (APT) and endpoint detection and response (EDR) technologies to further shore up the defensive posture of the network environment.

“With the landscape unlikely to change for the foreseeable future, it is best to combine sophisticated cybersecurity solutions with continuously evolving training to keep employees appraised of the latest threats especially when it comes to financial malware,” says Opil.