To this end, the security specialist has announced its cybersecurity predictions for Southern and East Africa.
During the past six months, Check Point Research has seen an increase in cyberattacks targeting the government, insurance, and finance sectors in South Africa. On average, there have been more than 1 450 attacks per week in the country. This trend will likely continue over the coming months as more threats start coming from cloud and mobile platforms. Threat actors will not limit their focus to South Africa and will potentially target countries across the continent.
The rapid adoption of cloud computing in Africa saw supply chain attacks emerging last year with breaches occurring in the Okta cloud-based identity management platform. Check Point anticipates that these supply chain attacks will continue through 2023 with a significant amount of risk coming from the open source community. Typically, suppliers relying on these open source systems have not properly vetted them or have been lax in managing these environments, resulting in cybersecurity weak points emerging.
South Africa and Kenya in particular have become key targets around the cloud. In both countries, many companies are moving workloads to the cloud. Hyperscalers like AWS, Microsoft, Google, and Oracle have established data centres in these countries. This will result in more businesses and consumers turning to cloud security solutions to safeguard their systems and data.
Furthermore, the expanding remote workforce has resulted in many organisations relying on collaboration services and applications across several platforms. Many businesses across southern and eastern Africa allow their staff to access corporate information on mobile devices without ensuring that enhanced security has been implemented.
Top malware families like Hiddad will continue to gain access to Android-based mobile devices, repackaging legitimate apps and distributing them to third-party stores. These apps facilitate access to key security features built into the operating system. Even more malware alternatives will come to prominence in 2023.
Major malware families like Emotet (Botnet), Nanocore (RAT), and Qbot (Trojan) are expected to cause major disruptions on the continent. This will require organisations to place emphasis on security controls with a threat prevention approach across all their platforms. Doing so will strengthen their defences against ransomware and supply chain threats.
Globally, ransomware was the number one threat in 2022. Uncertainty across the various African economies around service delivery and critical infrastructure will likely see more countries face cyberattacks targeting the government. To mitigate this risk, both public and private sectors must embrace a robust architecture that provides uncompromised security and unparalleled operational efficiency.
For instance, the number of cyberthreats reported to the Kenyan National Cyber Crime Centre (NCC) in the first quarter of the 2022/23 year rose by almost 200%. According to the Communication Authority of Kenya (CA), the number of cyberattacks detected in the country in the three months ending September 2022 stood at 278-million. This is almost three times the number of threats reported in the previous quarter.
The country has implemented a number of initiatives to strengthen its cybersecurity infrastructure, including the establishment of the National Cyber Security Authority and the National Computer Incident Response Team (National KE-CIRT/CC). Their mandate is to coordinate response and manage cybersecurity incidents nationally and to collaborate with relevant actors locally, regionally, and internationally.
The availability of more advanced technology means organisations can strengthen their defensive stances. For example, Kenyan businesses have embraced the Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) approaches. These combine networking and security measures so that organisations can manage the network and network security together.
It has become common for employees to connect to a company’s systems via a VPN from home or a coworking space, and use services provided in the cloud to carry out their work. With workplace and data asset locations diversifying, it has become more difficult for a company’s IT department to manage everything under a unified security policy.
ZTNA and SASE bring network services and security services together, making it possible to maintain security without getting in the way of employee work.
The cyberthreat landscape in the coming months will put pressure on companies across Africa and the rest of the world. With the growth in adoption of artificial intelligence and machine learning, attack vectors will increase in ferocity. Organisations and consumers must embrace a comprehensive cybersecurity approach to ensure their environments are kept safe.
“There is simply no respite from ransomware and increasingly sophisticated cyberattacks,” says Pankaj Bhula, regional director for Africa at Check Point. “This puts users under increasing pressure to keep up to date with the latest trends in the threat landscape. We know that these criminals are continually evolving in how they develop and perpetrate attacks. With smaller, more agile malicious groups looking to exploit any potential weak points in company and end user defences, people cannot afford to not take cybersecurity seriously.”
The coming months will highlight the importance of organisations and consumers needing to remain vigilant and ensure their applications and data remain protected.
With malware on the rise, the normalisation of hybrid work, and the need to adopt advanced technologies in a digital world, it is imperative that users across Africa prioritise their cyber defences.
By IT-Online and LB