Nigerian consumers, firms witness 32% rise in malware attacks

[FILES] Malware attack. Photo: FORBES

Kaspersky, an Internet security firm said in South Africa, Kenya, and Nigeria, its research identified the top malware families as ransomware, financial/banking trojans, and crypto-miner malware.

When comparing the first quarter of 2021 (Q1) with second quarter of 2021 (Q2), Kaspersky saw a 24 per cent increase in ransomware in Q2 2021 in South Africa, as well as an increase of 14 per cent in crypto-miner malware. In Kenya and Nigeria, Kaspersky saw a large increase in financial/banking trojans in Q2 2021 when compared to the figures for Q1 2021 – a 59 per cent increase in Kenya and a 32 per cent increase in Nigeria.

It explained that when looking at the general cyber threat landscape as it impacts consumers and businesses, research showed that in 2020, worldwide, approximately 10 per cent of computers experienced at least one malware attack.

Interestingly, in some African countries, including South Africa, the figure was only slightly under the global 10 per cent average, making the African region comparable to that of North America or Europe in terms of cyberattacks.

While Africa is not necessarily considered a focus area for the more sophisticated types of cybercriminal activity such as targeted attacks or advanced persistent threats (APTs), the continent is certainly not immune to these or other types of cyber risks, warn Kaspersky.

In some parts of the continent like Liberia, Tunisia, Algeria, and Morocco, Kaspersky saw a slightly higher rate, while other parts showed a lower rate of a five per cent or six per cent average. It noted that for the first quarter of 2021, the figures were only slightly lower than 10 per cent, both in relative and absolute terms.

Principal Security Researcher at Kaspersky; David Emm, said: “Generally speaking, and based on our research, Africa has the same hit rate as we would see for other parts of the globe when it comes to cyber-attacks and activity.

“This only emphasises that the cyber threat the landscape truly does incorporate the whole globe where no continent or country is free of this growing danger and where all consumers, businesses and industries alike need to pay attention to effective cybersecurity measures – and especially during the current pandemic and resultant turbulent times.”

Conversely, Kaspersky said while on a technical level, not much has changed when it comes to cyber attacks, the difference is that the pandemic presents a persistent topic in which the world has a vested interest.

“So, unlike the Olympics or Valentine’s Day which is limited in terms of a timeline, the pandemic offers a wealth of opportunities for cybercriminals to use malware to attack. Everything from the daily numbers and lockdown restrictions to vaccinations, hackers are leveraging on every aspect of the current situation to compromise systems,” the firm noted.

Further, Emm said while the bulk of attacks are still speculative and randomly targeting individuals and businesses, there is a shift happening with the increase of APTs and more strategically targeted-based attacks.

He said these (APTs) use continuous, clandestine, and sophisticated hacking techniques to gain access to a system and remain inside for a prolonged period, with potentially destructive consequences.

According to him, because of the time and effort required to perpetrate such an attack, these are often levelled at high-value targets, such as nation-states and large businesses.

Kaspersky said the financial services sector remains a top targeted industry in Africa when it comes to cybercriminal activity and such cyber threats – not surprising when one considers the digital-first approach this sector continues to take, driven by the needs and expectations of its customers.

“It is relatively easy for a hacker to target an individual and capture passcodes, one-time passwords, and install malware on their computers to get financial information. Increasingly, this is expanding to financial institutions given the sheer number of new entrants in the market emerging. For hackers, online or cyber fraud offers direct monetisation of an attack and gives them access to money as quickly as possible,” Emm added.