Small businesses in Kenya are still in danger, facing a 47% increase in Internet attacks in 2022
In comparison to 88 455 infections in 2021, Kaspersky researchers detected 130 111 infections in the first four months of 2022
With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve
When a small business owner is faced with the responsibilities of production economics, financial reports and marketing all at the same time, cybersecurity can often appear complicated and, at times, unnecessary. However, this disregard for IT security is being exploited by cybercriminals. Kaspersky (www.Kaspersky.co.za) researchers assessed the dynamics of attacks on small and medium-sized businesses between January and April 2022 and the same period in 2021, to identify which threats pose an increasing danger to entrepreneurs.
In 2022, the number of Trojan-PSW (Password Stealing Ware) detections in Kenya increased by 16% when compared to the same period in 2021 - 12 639 detections in 2022 compared to 10 934 in 2021. Trojan-PSW is a malware that steals passwords, along with other account information, which then allows attackers to gain access to the corporate network and steal sensitive information.
Another popular attack tool used on small businesses in Kenya is Internet attacks, specifically, web pages with redirects to exploits, sites containing exploits and other malicious programs, botnet C&C centers, etc. The number of these attacks increased by 47% in the country. In comparison to 88 455 infections in 2021, Kaspersky researchers detected 130 111 infections in the first four months of 2022.
With the shift towards remote working, many companies have introduced the Remote Desktop Protocol (RDP), a technology that enables computers on the same corporate network to be linked together and accessed remotely, even when the employees are at home. While the overall number of attacks on RDP has decreased slightly in Kenya, globally this threat is still a challenge. For example, in the first trimester of 2021 there were about 47.5 million attacks in the U.S., whereas for the same period in 2022 the number had risen to 51 million.
Having a special security solution enables attack visualisation and provides IT administrators with a convenient tool for incident analysis. The faster they can analyse where and how a leak occurred, the better they will be able to solve any negative consequences. The new edition of Kaspersky Endpoint Security Cloud, dubbed Kaspersky Endpoint Security Cloud Pro (https://bit.ly/3NHNAZP), contains advanced new capabilities, including automated response options and an extended set of security controls in a single solution. The Pro version also includes built-in training for IT workers seeking to boost their cybersecurity skills and make the most out of their specialised security products.
Even small businesses with limited IT resources still need to protect all their working devices, including computers and mobile phones, from cyberthreats. The updated Kaspersky Small Office Security (https://bit.ly/3t4dH5i) is a key tool for startups, small online-stores and local businesses to keep all of their work devices protected, safely transfer any valuable business-related files and avoid falling victim to ransomware.
“With the shift to remote working and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve to support these sophisticated setups. Cybercriminals are already way ahead of the curve, so much so that virtually every organisation will experience a breach attempt at some point. For small companies today, it's not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT-specialist is no longer a luxury but a must-have part of your business development,” comments Denis Parinov, security researcher at Kaspersky.
To protect your business, Kaspersky recommends:
- Providing your staff with basic cybersecurity hygiene training (https://bit.ly/3N2SdxR) as many targeted attacks start with phishing or other social engineering techniques.
- Using a protection solution for endpoints and mail servers with anti-phishing capabilities to decrease the chance of infection through phishing emails.
- Taking key data protection measures. Always safeguard corporate data and devices, including by using password protection, encrypting work devices and ensuring data is backed up.
- Keeping work devices physically safe – do not leave them unattended in public, always lock them and use strong passwords and encryption software.
Distributed by APO Group on behalf of Kaspersky.
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 240,000 corporate clients protect what matters most to them. Learn more at www.Kaspersky.co.za.