Kenya experienced 32.8 million cyber-attacks within the first half of 2021, the second highest cyberattacks in Africa after Nigeria which recorded 61.7 million attacks, a recent report by Kaspersky shows.
According to the report, the 32.8 million attacks in Kenya were a 15.9 percent increase from that recorded within the same period last year, while the number in Nigeria jumped up by 24.6 percent. At 31.5 million attacks, South Africa recorded the third highest number of cyber-attacks, a 16.6 percent increase.
Kaspersky said, the findings reveal that Africa as the new target for cyber criminals setting crosshairs on targeting government and telecommunications sector, education, healthcare, finance and more recently, small and medium enterprises due to their poor investment in cyber security.
The most dominant threat actors on the continent identified by Kaspersky include Lazarus, DeathStalker, CactusPete, and IAmTheKing.
“They are looking at non-Microsoft environments, infecting firmware, and even embarking on ‘big game hunting’ exercises focused on high-profile monied targets. They also use these as platforms to access other businesses,” said Amin Hasbini, Kaspersky Head of Research Centre, Middle East, Turkey and Africa.
Kaspersky categorises the threats as criminal (80 percent of attacks), targeted (19.9 percent), and advanced (0.01 percent). The advanced grouping is more sophisticated and features increased investment from attack groups. As society relies more on technology, the level of ransomware development and number of threats is expected to increase. He warns of 5G vulnerabilities as ransomware gangs use generic malware, and more disruptive attacks to demand for money, or blackmail targets.
“This will also result in increased collaboration between cybercriminals and cyber gangs as they seek more effective ways of achieving their objectives. Different gangs will also start specialising in tools and other methods to better advance penetration,” said Hasbini.
“Unfortunately, both criminal and targeted threat vectors learn from the advanced category to enhance their own attack techniques. They are embracing more sophisticated methods to compromise systems and data. Ransomware has also become a significant threat vector targeting users and organisations locally,” noted Hasbini.