As organisations continue to become more digitised, throughout 2023 Africa remains one of the world regions most targeted by cybercrime. At a recent press conference in Johannesburg, Kaspersky (www.Kaspersky.co.za) shared some insights and statistics related to the regional threat landscape in the third quarter of 2023 and made forecasts on how the situation is going to develop in 2024.

Web threats
Web threats are Internet-based threats that expose people and computer systems to harm online. There was a 24% increase in the number of corporate users affected by web threats from Q2 to Q3 2023 in South Africa. However, comparing Q3 2022 to Q3 2023, there was an 8% decline in the number of corporate users affected by web threats.  

Phishing
Phishing is a type of Internet fraud that seeks to acquire a user's credentials by deception. It includes theft of passwords, credit card numbers, bank account details and other confidential information.

Phishing attacks detected in Kenya in Q3 2023 increased by 32% compared to Q2 2023 and by 12% compared to Q3 2022. In Nigeria, there was a 12% increase in phishing attack detections in Q3 2023 compared to Q2; however, compared to Q3 2022, the number of phishing detects decreased by 8%.

Attacks on Industrial Control Systems
Africa is among the regions with the highest number of detected attacks on industrial control systems (ICS computers). ICS computers are used in energy and mining sectors, automotive manufacturing, building automation infrastructures and other spheres to perform a range of operational technology functions – from the workstations of engineers and operators to supervisory control and data acquisition servers.

In Q3 2023, according to Kaspersky ICS CERT¹, attacks were detected on 32% of ICS computers in Africa. In South Africa, attacks were detected on 22% of machines, in Kenya – on 28%, in Nigeria – on 25%. Globally, malicious objects were detected on 25% of ICS machines in Q3 2023.

Attacks on the Internet of Things
The number of attacks on Internet of Things (IoT) devices has been increasing exponentially over the last years globally. This is related both to the activity of criminal actors and to the increasing number of IoT devices that are in use by individual users, businesses, and production facilities. IoT devices include not only wearables and smart home appliances, but also smart city systems, self-driving cars, automated retail checkouts, and other smart devices for home and business use. These devices can collect and transfer data over a wireless network without human input. Cybercriminals use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions.

In Q3 2023, South Africa accounts for 28% of attacks on IoT devices that were detected by Kaspersky in the African region. Kenya accounts for 12% of attacks on IoT devices, and Nigeria – for 6%. All these attacks were spotted on Kaspersky IoT honeypots – decoy devices used to attract the attention of cybercriminals and analyse their activities.

“In forecasting the development of the cyberthreat landscape for 2024, we anticipate a dynamic evolution of cyberthreats marked by an upsurge in state-sponsored cyber-attacks, and 'hacktivism' will become one of the norms of cyber-warfare,” comments Bethwel Opil, Enterprise Client Lead at Kaspersky in Africa. “The prevalence of accessible generative AI is set to fuel an expansion of spear-phishing tactics, while the creative exploitation of vulnerabilities in mobile and IoT devices will be on the rise. Businesses today should be proactive and counter these cyberthreats with advanced technologies such as threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response features.”

To protect organisations from cyberthreats, Kaspersky experts recommend:

• Organisations should conduct regular cyber skill checkups among employees and offer competent training. Kaspersky Security Awareness (https://apo-opa.co/3Ni4NeD) portfolio offers flexible ways to train staff, is easily customisable and scalable to meet the needs of any company size.
• Corporate users should be educated on potential privacy risks when working in virtual environments. Organisations should implement best practices in safeguarding personal and corporate data.
• Install updates for the firmware used on digital devices (including virtual headsets) as soon as they become available.
• Use Cyber Immune (https://apo-opa.co/4a9jx9I) solutions for IoT protection on corporate networks. Use a dedicated IoT gateway that ensures inbuilt security and reliability of data transferring.
• Use Kaspersky Threat Intelligence (https://apo-opa.co/4a9sf7B) to block network connections originating from malicious network addresses detected by security researchers.
• Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity (https://apo-opa.co/46ZA6lH) may become an efficient assistant and a source of unique actionable information, not fully available in public.

Reference:
¹Kaspersky Industrial Control Systems Cyber Emergency Response Team