Cybersecurity threats loom large in Africa, with a Normalized Risk Index of 95.4, Zimbabwe leads the pack – ranking second as the most attacked country globally, followed closely by Ethiopia at 92.6 (third) and Kenya at 69.4 (10th).
These rankings, from Check Point Software Technologies, reflect the urgent need for heightened cybersecurity measures and proactive defense strategies to mitigate the ever-evolving threat landscape.
The findings from the Risk Ranking highlight the critical importance of cybersecurity readiness for African businesses. Despite efforts to bolster defenses, countries like Angola (7), Uganda (11), and Macao (12) have also experienced significant shifts in their risk rankings, emphasizing the dynamic nature of cyber threats. Ghana, for instance, has seen a notable rise in its risk index, climbing from the 21st position to 13th, signifying the escalating cyber risks faced by organisations in the country.
As cybersecurity continues to be a top concern globally, it is imperative for African businesses to remain vigilant and prioritise investments in robust security solutions to safeguard against potential cyber-attacks.
Issam El Haddaoui, Check Point Security engineering manager: Africa, says: “In light of these statistics, organisations in Africa must adopt a proactive approach to cybersecurity, leveraging advanced threat intelligence, robust defense mechanisms, and comprehensive incident response plans. The findings highlight the top attacked industries and prevalent malware strains, underscoring the critical need for enhanced cybersecurity measures.”
Globally, Education/Research remained in the 1st place in the attacked industries, followed by Government/Military and Healthcare.
In Africa, the landscape is slightly different this month:
* Insurance/Legal: The insurance and legal sectors in Africa have become prime targets for cyber-attacks, facing significant risks to sensitive data and critical operations.
* SI/VAR/Distributor: Service integrators, value-added resellers, and distributors are also under constant threat, highlighting the importance of securing supply chains and partner networks.
* Healthcare: The healthcare industry faces persistent cybersecurity threats, jeopardising patient privacy and the integrity of medical records.
* Consultant: Consulting firms are increasingly vulnerable to cyber-attacks, posing risks to client data confidentiality and business continuity.
* Government/Military: Government agencies and military institutions are high-value targets for cyber adversaries, requiring robust defense mechanisms to safeguard national security interests.
Globally, FakeUpdates was the most prevalent malware last month with an impact of 6% worldwide organisations, followed by Androxgh0st with a global impact of 4%, and Qbot with a global impact of 3%.
However, the situation in Africa is quite different:
* Phorpiex: This notorious botnet, also known as Trik, has been active since 2010, orchestrating large-scale spam campaigns and distributing various malware families across Zimbabwe, Nigeria, and Mozambique.
* Allcome Clipper: Targeting cryptocurrencies, Allcome Clipper hijacks clipboard data for outgoing transactions, leading to significant financial losses and identity theft in Zimbabwe and Nigeria.
* Expiro: This polymorphic file infector steals user and system information, perpetuating infections and compromising data integrity in Zimbabwe and Nigeria.
* Qbot: A multifunctional malware, Qbot facilitates credential theft, ransomware delivery, and backdoor access, posing significant risks to organisations in Zimbabwe and South Africa.
* FakeUpdates (SocGholish): This downloader malware compromises systems and leads to further infections by deploying additional malware strains, including ransomware, across South Africa and Nigeria.
“The prevalence of these malware strains underscores the urgent need for proactive cybersecurity measures and collaborative efforts among stakeholders to combat cyber threats effectively,” says El Haddaoui.
As cyber threats continue to evolve and proliferate, it is imperative for organisations across Africa to prioritize cybersecurity investments, implement robust defense strategies, and foster a culture of cyber resilience. By staying vigilant and proactive, businesses can effectively mitigate the risks posed by cyber adversaries and safeguard their digital assets and operations.