In South Africa, Kenya and Nigeria, APT groups are exploiting the current uncertainty around COVID-19 to steal sensitive information.
Despite research showing an overall decrease in certain malware families and types in sub-Saharan Africa (SSA) in H1 2020 (36% decrease in South Africa, 26% decrease in Kenya and a 2.7% decrease in Nigeria), Kaspersky stresses that the human cyber threat remains rife, where Africa is not immune to the evolving techniques of Advanced Persistent Threats (APTs), as well as the possibilities of being a future target of hacking-for-hire threat actor groups.
Kaspersky research has found that globally, APT groups are evolving their techniques and are upgrading their toolset to continue stealing sensitive information. Furthermore, Kaspersky says it has seen a rise of hackers-for-hire or cyber mercenaries during the first two quarters of 2020. In fact, three cyber mercenary groups have been exposed across the world this year alone.
As this activity has taken place outside of Africa, Kaspersky suspect that these types of actors may have been somewhat forgotten and do not necessarily form part of cyber defence strategies. However, the region may become a focus of these groups in the coming months and thus, businesses and entities need to have an understanding of these emerging threats, along with the threat of APTs, to be prepared and take proactive steps towards effective cybersecurity.
In South Africa, Kenya and Nigeria, APT groups are exploiting the current uncertainty around COVID-19 to steal sensitive information, according to Kaspersky. More sophisticated techniques have emerged that delivers malware in non-conventional ways. While overall malware attacks in South Africa, Kenya and Nigeria decreased during the first two quarters of 2020, certain malware types, such as the STOP ransomware, are proving increasingly popular for certain cybercriminals. The same applies to financial malware in South Africa and Nigeria as examples.
According to Kaspersky, the top industries under attack in Sub-Saharan Africa in H1 2020 include government, education, healthcare, and military. While government and military present compelling – and obvious – targets, education and healthcare are often used as pivot points to gain access to other institutions. Sometimes, an entity is a victim while other times it is the target.
The top three threat actors in these regions in this regard are TransparentTribe, Oilrig, and MuddyWater.
Maher Yamout, Senior Security Research, Global Research & Analysis Team at Kaspersky said: “The remainder of the year will likely see APT groups and hacking-for-hire threat actors increase in prominence across the globe. Africa will continue to see more sophisticated APTs emerge and we also suspect that the hacking-for-hire actor type could target companies in Africa in the future. We also anticipate that cybercriminals will increase targeted ransomware deployment using different ways. These can range from trojanised cracked software to exploitation across the supply chain of the targeted industry. Data breaches will certainly become more commonplace especially as people will continue to work remotely for the foreseeable future while exposing their systems to the Internet without adequate protection.”
