Kaspersky Confirms Kenya Is One of Africa’s Most Targeted Countries For Cybercrime Attacks In 2023.

According to Kaspersky, the global cybersecurity and digital privacy company, as organizations continue to become more digitized, Africa remains one of the world regions most targeted by cybercrime.

At a recent press conference in Johannesburg, South Africa, Kaspersky shared some insights and statistics related to the regional threat landscape in the third quarter of 2023 and made forecasts on how the situation is going to develop in 2024.

Phishing Attacks In Kenya.

Phishing is a type of Internet fraud that seeks to acquire a user’s credentials by deception. It includes the theft of passwords, credit card numbers, bank account details, and other confidential information. Phishing attacks detected in Kenya in Q3 2023 increased by 32% compared to Q2 2023 and by 12% compared to Q3 2022.

Attacks on Industrial Control Systems.

Africa is among the regions with the highest number of detected attacks on industrial control systems (ICS computers). ICS computers are used in energy and mining sectors, automotive manufacturing, building automation infrastructures, and other spheres to perform a range of operational technology functions — from the workstations of engineers and operators to supervisory control and data acquisition servers.

In Q3 2023, according to Kaspersky ICS CERT¹, attacks were detected on 32% of ICS computers in Africa. In Kenya, attacks were detected on 28% of machines, and globally, malicious objects were detected on 25% of ICS machines in Q3 2023.

Attacks on the Internet of Things.

The number of attacks on Internet of Things (IoT) devices has been increasing exponentially over the last years globally. This is related both to the activity of criminal actors and to the increasing number of IoT devices that are in use by individual users, businesses, and production facilities.

IoT devices include not only wearables and smart home appliances, but also smart city systems, self-driving cars, automated retail checkouts, and other smart devices for home and business use. These devices can collect and transfer data over a wireless network without human input. Cybercriminals use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions.

In Q3 2023, Kenya accounted for 12% of attacks on IoT devices that were detected by Kaspersky in the African region. These attacks were spotted on Kaspersky IoT honeypots — decoy devices used to attract the attention of cybercriminals and analyze their activities.

“In forecasting the development of the cyberthreat landscape for 2024, we anticipate a dynamic evolution of cyber threats marked by an upsurge in state-sponsored cyber-attacks, and ‘hacktivism’ will become one of the norms of cyber-warfare,” comments Bethwel Opil, Enterprise Client Lead at Kaspersky in Africa.

“The prevalence of accessible generative AI is set to fuel an expansion of spear-phishing tactics, while the creative exploitation of vulnerabilities in mobile and IoT devices will be on the rise. Businesses today should be proactive and counter these cyber threats with advanced technologies such as threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response features.”

To protect Kenyan organizations from cyber threats, Kaspersky experts recommend:

  1. Organizations should conduct regular cyber skill checkups among employees and offer competent training. The Kaspersky Security Awareness portfolio offers flexible ways to train staff and is easily customizable and scalable to meet the needs of any company size.
  2. Corporate users should be educated on potential privacy risks when working in virtual environments. Organizations should implement best practices in safeguarding personal and corporate data.
  3. Install updates for the firmware used on digital devices (including virtual headsets) as soon as they become available.
  4. Use Cyber Immune solutions for IoT protection on corporate networks. Use a dedicated IoT gateway that ensures inbuilt security and reliability of data transfer.
  5. Use Kaspersky Threat Intelligence to block network connections originating from malicious network addresses detected by security researchers.
  6. Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available to the public.

Previous post

[Presentation] Don't Give A Human A Robot's Job: 6 Reasons Why AI Will Save Us, Not Destroy Us In The Future of Work.

Next post

Airtel Kenya Ups The Ante (Once Again) By Launching Unlimited 5G Internet Plans With Free WiFi Routers.

No Comment

Leave a reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.