Tech and cyber security experts are predicting an increase in cybercrime incidences on the African continent this year with no countries spared. The incidences are expected to be driven by increased reliance on online platforms as a result of the Covid-19 pandemic.
According to a Kaspersky study, while the increase in these crimes will vary by country, African nations must prepare themselves for the inevitability of increases in malware that already topped 28 million by August last year.
"Even though every country globally has had to deal with the pandemic in its own way, developing economies across Africa have been especially hard hit. Thanks to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – something we are already seeing,” said Lehan van den Heever, Enterprise Cyber Security Advisor for Kaspersky in Africa.
Growth in Advanced Persistent Threats
Adding further pressure to this melting pot of cyberattacks is an expected rise, along with changes in strategy, in Advanced Persistent Threats (APTs).
Heever said; "our researchers anticipate that in 2021, across the globe though where Africa is not immune, there will be a change in threat actors’ approach to the execution of APT attacks and as such, organisations must pay special attention to generic malware as it will likely be used to deploy more sophisticated threats.”
Compounding this is the concern around hackers-for-hire and cyber mercenary groups targeting SMEs and financial institutions.
"Businesses are under pressure to differentiate themselves in a highly competitive market as they struggle to survive these trying times, amplified further by the effects of Covid-19. The current landscape may likely lead to bankruptcy and an increase in legal disputes in court. This makes an ideal breeding ground for these malicious groups to operate in. And although such activity has not been rife in Africa yet, the region is not immune to this cyber threat.”
Cyber-mercenaries are hired to search for sensitive, private information that can be used in disputes to win court rulings or to steal business trade secrets and provide their ‘employers’ with competitive intelligence to get ahead in the market.
Remote work and data breaches
Additionally, Heever believes that the normalisation of remote working will further put existing organisational IT systems under pressure as companies now must content with an influx in connections into the corporate back-end.
"More companies are exposing their systems online while their focus turns to always-on availability. However, few of them have considered how to adapt their cybersecurity controls to this new environment. This results in some databases and systems inevitably being left open to intruders,” he said.
To this end, Kaspersky expects data breaches across the continent to increase in the coming months with many companies racing to tighten their security.
"This year is going to be a watershed for cyber security as organisations start realizing the importance of having an integrated and threat intelligent approach to safeguard their systems and data against increasingly sophisticated threat agents,” he added.
Rwanda’s National Cyber Security Authority (NCSA) noted that with the increased uptake and usage of online services, including digital payments, there has been an increased exposure to online cyber threats.
Ghislaine Kayigi the Chief Cyber-security Standards Officer at NSCA noted proportional to this increase of online services, is also increased exposure to online cyber threats.
"All online systems have exhibited known security threats and to mitigate these threats, a number of ongoing activities have been implemented,” she said.
Among the measures she said are being rolled out to mitigate the vices include improving cyber security awareness as well as strengthening the security of information networks and systems.
In light of the growing incidences and threats, Kayigi said that organizations should adopt a risk management mindset as opposed to solely pursuing compliance.