Kaspersky experts expect growing economic turbulence along with the impact of COVID-19 to contribute to an increase in cybercrime across South Africa, Kenya, and Nigeria this year.
Growth in cybercrime
“Even though every country globally has had to deal with the pandemic in its own way, developing economies across Africa have been especially hard hit by national lockdowns and limited business activity. And thanks to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – something we are already seeing,” says Lehan van den Heever, Enterprise Cyber Security Advisor for Kaspersky in Africa.
While the increase in these crimes will vary by country, African nations must prepare themselves for the inevitability of increases in malware that already topped 28 million by August last year, according to Kaspersky research.
Growth in APT
Adding further pressure to this melting pot of cyberattacks is an expected rise, along with changes in strategy, in Advanced Persistent Threats (APTs). Adds van den Heever; “Our researchers anticipate that in 2021, across the globe though where Africa is not immune, there will be a change in threat actors’ approach to the execution of APT attacks and as such, organisations must pay special attention to generic malware as it will likely be used to deploy more sophisticated threats.”
Compounding this is the concern around hackers-for-hire and cyber mercenary groups targeting SMEs and financial institutions.
“Businesses are under pressure to differentiate themselves in a highly competitive market as they struggle to survive these trying times, amplified further by the effects of COVID-19. The current landscape may likely lead to bankruptcy and an increase in legal disputes in court. This makes an ideal breeding ground for these malicious groups to operate in. And although such activity has not been rife in Africa yet, the region is not immune to this cyber threat.”
Cyber-mercenaries are hired to search for sensitive, private information that can be used in disputes to win court rulings or to steal business trade secrets and provide their ‘employers’ with competitive intelligence to get ahead in the market.
Remote work and data breaches
Additionally, van den Heever believes that the normalisation of remote working will further put existing organisational IT systems under pressure as companies now must content with an influx in connections into the corporate back-end.
“More companies are exposing their systems online while their focus turns to always-on availability. However, few of them have considered how to adapt their cybersecurity controls to this new environment. This results in some databases and systems inevitably being left open to intruders,” he says.
To this end, van den Heever expects data breaches across Africa to increase in the coming months with many companies racing to tighten their security.
“This year is going to be a watershed for cybersecurity as organisations start realising the importance of having an integrated and threat intelligent approach to safeguard their systems and data against increasingly sophisticated threat agents,” he concludes.