In 2023, a noticeable decrease in cyber threats was observed in most major economies across Africa. However, there were some notable exceptions to this trend. Kenya experienced a significant 68% increase in ransomware attacks, while South Africa saw a 29% surge in phishing attacks targeting sensitive data. This shift indicates a change in the overall cyber threat landscape on the continent.

According to telemetry data from cybersecurity firm Kaspersky, cyber attackers are now increasingly targeting critical infrastructure in Africa and exploring the incorporation of artificial intelligence (AI) into their malicious activities. Threat actors are leveraging AI large language models (LLMs) to create more sophisticated social engineering attacks and produce convincing lures in multiple languages. Maher Yamout, lead security researcher at Kaspersky’s threat research group, highlights the evolving tactics of cybercriminals in response to advancements in technology.

Historically, Africa has been a hotbed for social engineering threats, with a concentration of business email compromise (BEC) actors like the SilverTerrier group, as noted in Interpol’s African Cyberthreat Assessment 2023 report. Citizens in Africa and the broader Middle East, Turkey, and Africa (META) region are increasingly targeted by cybercriminals, according to Kaspersky’s findings. BEC attacks remain a predominant threat, particularly impacting the financial, telecom, government, and retail sectors.

The presence of AI technologies such as LLMs has facilitated the rise in cyber attacks across organizations in Africa. These technologies have lowered the barriers for cybercriminals and professional groups, enabling them to execute more convincing phishing campaigns, create synthetic identities, and generate deepfake content. The transformative potential of AI comes with its risks, including biases in facial recognition, financial fraud, and targeted manipulation.

Moreover, the adoption of operational technology to automate critical infrastructure systems in Africa has made them vulnerable to attacks. Kaspersky reports that over a third of OT computers encountered at least one threat in the latter half of 2023. Hacktivism, driven by social, cultural, and macro-economic agendas, further complicates the threat landscape, amidst rising economic and political tensions.

Mobile devices are the primary means of internet access for many Africans, leading to a surge in mobile threats. Kaspersky observed a 10% increase in threats targeting mobile devices across the continent, including ransomware and SMS phishing attacks seeking credentials. The shift towards remote work globally has also contributed to the rise in mobile threats, with 42% of African employees working remotely at least once a week.

As organizations adapt to the hybrid work model, securing mobile devices and remote access becomes vital. Kaspersky emphasizes the importance of patching software, managing credentials, and securing endpoints to mitigate cyber risks. Vulnerabilities in unpatched software, weak web services, and remote access points continue to be exploited by ransomware groups targeting African victims.

In conclusion, the evolving cyber threat landscape in Africa underscores the need for increased cybersecurity measures, particularly in critical infrastructure, social engineering attacks, and mobile security. As cybercriminals adapt to technological advancements, organizations must prioritize cybersecurity awareness, training, and best practices to safeguard their data and systems effectively.

Извор линк