Kaspersky says that the human cyber-threat remains widespread in Nigeria, South Africa and Kenya.
The cybersecurity firm, in a statement, said the three African countries were being targeted by Advanced persistent threat groups that were exploiting the current uncertainty around COVID-19 to steal sensitive information.
The statement titled ‘Kaspersky warns of top IT security threats in Africa‘ said more sophisticated techniques of attacks that delivered malware in non-conventional ways had emerged.
The company cautioned that there were possibilities that these countries would be a future target of hacking-for-hire threat actor groups.
Kaspersky said a study it carried out showed that globally, APT groups were evolving their techniques and upgrading their toolset to continue stealing sensitive information.
The cybersecurity firm said it discovered a rise of hackers-for-hire or cyber mercenaries during the first two quarters of 2020.
It added that three cyber-mercenary groups had been exposed across the world this year alone.
The company said, “As this activity has taken place outside of Africa, Kaspersky suspected that these types of actors may have been somewhat forgotten and do not necessarily form part of cyber defence strategies.
“However, the region may become a focus of these groups in the coming months and thus, businesses and entities need to have an understanding of these emerging threats, along with the threat of APTs, to be prepared and take proactive steps towards effective cybersecurity.”
Kaspersky said hackers-for-hire or cyber mercenaries did not necessarily have monetary motivations like traditional cybercrime but they steal private data to monetise it in a different way.
According to the cybersecurity firm, these cybercriminals used the data to provide advice or insights to share value of a competitive advantage.
Citing a bank as an example, the company explained that the stolen data of a bank could be analysed to gain an understanding of its market exposure, clients, and back-end systems, saying that the information could be used by a competitor to gain significant benefit.
While overall malware attacks in Nigeria, South Africa and Kenya had decreased during the first two quarters of 2020, analysts noted that certain malware types, such as the STOP ransomware, were proving increasingly popular for certain cybercriminals.
Kaspersky added that certain financial malware types were gaining in popularity due to their unique techniques, which these groups were exploiting to monetise data.
The top industries under attack in sub-Saharan Africa in H1 2020, according to Kaspersky, include government, education, healthcare, and military.
While the government and military present compelling targets, the cybersecurity firm noted that education and healthcare were often used as pivot points to gain access to other institutions.
The top three threat actors in these regions, according to the company, are TransparentTribe, Oilrig, and MuddyWater.
The Senior Security Research, Global Research and Analysis Team at Kaspersky, Maher Yamout, noted that for the remainder of the year, companies were likely to see APT groups and hacking-for-hire threat actors increase in prominence across the globe.
He said, “Africa will continue to see more sophisticated APTs emerge and we also suspect that the hacking-for-hire actor type could target companies in Africa in the future.
“We also anticipate that cybercriminals will increase targeted ransomware deployment using different ways.
“These can range from trojanised cracked software to exploitation across the supply chain of the targeted industry. Data breaches will certainly become more commonplace, especially as people will continue to work remotely for the foreseeable future while exposing their systems to the Internet without adequate protection.”
He said prevention of these threats was equally important as detection.
According to him, no organisation or government department can prevent everything but if there is an understanding of the technology environment and ability to detect deviation from the baseline, decision-makers will mitigate the risk of compromise.
This could be achieved by understanding the threat dynamics, it added.