The threat of cyberattacks has increased in recent years to almost every industry, affecting both SMEs and major tech companies. And as long as the tech ecosystem in Africa keeps booming, cybersecurity threats will keep growing.
According to the Check Point Research report, African countries experienced an average of 1,848 cyberattacks per week in 2022, which was higher than the rest of the world combined.
Nigeria, Africa’s largest internet user population, remains an origination point and a primary target for cyberattacks, followed by South Africa and Kenya. According to an IDC analysis titled "The Impact of Cyber Extortion on Africa," cybercrime costs Africa $4 billion annually.
According to a 2022 survey, 52% of companies in Africa believed they were unprepared to handle a large-scale cyberattack and became grimmer to find out that 90% of African businesses lacked proper cybersecurity practices, according to Interpol's Africa Cyberthreat Assessment Report. Hence, the continent becomes a "soft underbelly" for cybercriminals to target.
Therefore, African businesses can no longer ignore the business risks posed by cyber threats and vulnerabilities. As African businesses start to build their cybersecurity resilience planning, priorities, and roadmap for the new year, Jaco Nel, CTO at Deimos, a leading cloud technology and professional services company that protects some of Africa’s most prominent businesses in the banking, fintech and Edutech sectors from cybersecurity threats and hacks, offers the following cybersecurity predictions for 2023.
Increase in ransomware and phishing attacks
Ransomware and phishing attacks (where attackers deceive people into revealing sensitive information or installing malware such as ransomware) are easy techniques for cybercriminals. Many African employees are not trained well enough to identify these attacks, and so this will continue to affect Africa for at least the short foreseeable future.
Increase in mobile threats
The increasing use of mobile devices in Africa has led to the emergence of new mobile threats, such as malware and adware, which can compromise a device's security. As Africa’s network distribution continues to grow, so will the mobile device population and mobile device cyberattacks, which will continue in 2023.
More focus on data compliance from Governments as data laws become stricter
Although Africa has been on the back foot with data laws, with South Africa only implementing POPIA in 2021 and Egypt having implemented theirs in 2020, more African countries will start to focus on data sovereignty and data compliance regulations. This means businesses must ensure their technology partners are up-to-date with African laws to avoid large fines and penalties.
Businesses employ technology partners
Cyberattacks are growing in numbers and continue to evolve in technique and complexity. As big organisations look to become leaner, and startups and other businesses adopt the cloud, more and more African businesses will realise the benefits of partnering with security experts to secure their operations, rather than trying to do it in-house.
This is due to the failures we saw in 2022 when businesses hire cheaper or less experienced engineers due to the scarcity of this profession and end up with a half-baked solution that leaves them vulnerable to cyberattacks.
The emergence of new threats
As technology advances, new cyber threats will emerge specifically designed to target African countries. If businesses rely on in-house engineers, they must ensure that they remain up-to-date with best practices and OWASP (Open Web Application Security Project) top 10.
Increase in Cryptojacking
Cryptojacking, in which hackers use a victim's computer to mine cryptocurrency. This can be done via a website, a specialised script or malware, but the endpoint is the same – the criminal gets the benefit while your hardware gets used and your power bill climbs higher. This type of cyberattack has been on the rise and tends to continue, with Africa remaining a significant threat.