In Q3 2023, South Africa accounted for 28 per cent of attacks on IoT devices that were detected by Kaspersky in the African region.
As organisations continue to become more digitised, throughout 2023 Africa remains one of the world regions most targeted by cybercrime. At a recent press conference in Johannesburg, Kaspersky shared some insights and statistics related to the regional threat landscape in the third quarter of 2023 and made forecasts on how the situation is going to develop in 2024.
Web threats
Web threats are Internet-based threats that expose people and computer systems to harm online. There was a 24 per cent increase in the number of corporate users affected by web threats from Q2 to Q3 2023 in South Africa. However, comparing Q3 2022 to Q3 2023, there was an 8 per cent decline in the number of corporate users affected by web threats.
Phishing
Phishing is a type of Internet fraud that seeks to acquire a user's credentials by deception. It includes theft of passwords, credit card numbers, bank account details and other confidential information.
Phishing attacks detected in Kenya in Q3 2023 increased by 32 per cent compared to Q2 2023 and by 12 per cent compared to Q3 2022. In Nigeria, there was a 12 per cent increase in phishing attack detections in Q3 2023 compared to Q2; however, compared to Q3 2022, the number of phishing detects decreased by 8 per cent.
Attacks on Industrial Control Systems
Africa is among the regions with the highest number of detected attacks on industrial control systems (ICS computers). ICS computers are used in energy and mining sectors, automotive manufacturing, building automation infrastructures and other spheres to perform a range of operational technology functions - from the workstations of engineers and operators to supervisory control and data acquisition servers.
In Q3 2023, according to Kaspersky ICS CERT1, attacks were detected on 32 per cent of ICS computers in Africa. In South Africa, attacks were detected on 22 per cent of machines, in Kenya - on 28 per cent, and in Nigeria - on 25 per cent. Globally, malicious objects were detected on 25 per cent of ICS machines in Q3 2023.
Attacks on the Internet of Things
The number of attacks on Internet of Things (IoT) devices has been increasing exponentially over the last years globally. This is related both to the activity of criminal actors and to the increasing number of IoT devices that are in use by individual users, businesses, and production facilities. IoT devices include not only wearables and smart home appliances, but also smart city systems, self-driving cars, automated retail checkouts, and other smart devices for home and business use. These devices can collect and transfer data over a wireless network without human input. Cybercriminals use networks of infected smart devices to conduct DDoS attacks or as a proxy for other types of malicious actions.
In Q3 2023, South Africa accounted for 28 per cent of attacks on IoT devices that were detected by Kaspersky in the African region. Kenya accounts for 12 per cent of attacks on IoT devices, and Nigeria - for 6 per cent. All these attacks were spotted on Kaspersky IoT honeypots - decoy devices used to attract the attention of cybercriminals and analyse their activities.
"In forecasting the development of the cyberthreat landscape for 2024, we anticipate a dynamic evolution of cyber threats marked by an upsurge in state-sponsored cyber-attacks, and 'hacktivism' will become one of the norms of cyber-warfare," comments Bethwel Opil, Enterprise Client Lead at Kaspersky in Africa. "The prevalence of accessible generative AI is set to fuel an expansion of spear-phishing tactics, while the creative exploitation of vulnerabilities in mobile and IoT devices will be on the rise. Businesses today should be proactive and counter these cyber threats with advanced technologies such as threat feeds, security information and event management systems, endpoint detection and response solutions, and tools with digital forensics and incident response features."
To protect organisations from cyber threats, Kaspersky experts recommend:
Organisations should conduct regular cyber skill checkups among employees and offer competent training.
- Kaspersky Security Awareness portfolio offers flexible ways to train staff and is easily customisable and scalable to meet the needs of any company size.
- Corporate users should be educated on potential privacy risks when working in virtual environments.
- Organisations should implement best practices in safeguarding personal and corporate data.
- Install updates for the firmware used on digital devices (including virtual headsets) as soon as they become available.
- Use Cyber Immune solutions for IoT protection on corporate networks. Use a dedicated IoT gateway that ensures inbuilt security and reliability of data transfer.
- Use Kaspersky Threat Intelligence to block network connections originating from malicious network addresses detected by security researchers.
Establishing continuous vulnerability assessment and triage as a basement for effective vulnerability management process. Dedicated solutions like Kaspersky Industrial CyberSecurity may become an efficient assistant and a source of unique actionable information, not fully available to the public.