Computers in Africa Under Heavy Cyber Attacks

Dr Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Türkiye and Africa region at Kaspersky

Experts have expressed worries over the rise in malware across Africa, warning that the increase is a threat to every sector of the continent's economy. According to data collected by Russia-based cybersecurity provider Kaspersky, the number of backdoor malware detections in Q2 2022 for corporate users in South Africa, Kenya and Nigeria increased significantly compared to the previous quarter.

Currently, numbers are hitting new records and posing challenges to cybersecurity professionals in enterprise and government agencies.

“Backdoors enable a series of long unnoticed cyber espionage campaigns, which result in significant financial or reputational losses and may disrupt the victim organisation’s operations. Corporate systems should be constantly audited and carefully monitored for hidden threats,” comments Dr Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Türkiye and Africa region at Kaspersky.

A backdoor is one of the most dangerous types of malware. Backdoors provide cybercriminals with remote administration of a victim’s machine.

Unlike legitimate remote administration utilities, backdoors install, launch and run invisibly, without the consent or knowledge of the user. Once installed, backdoors can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity and more.

Recently, Kaspersky discovered a hard-to-detect backdoor dubbed SessionManager that targeted governments and NGOs around the globe.

This backdoor was set up as a malicious module within Internet Information Services (IIS), a popular web server developed by Microsoft. SessionManager enables a wide range of malicious activities, from collecting emails to complete control over the victim’s infrastructure.

First leveraged in March 2021, this backdoor hit government institutions and NGOs in Africa, South Asia, Europe and the Middle East. Many of the targeted organisations remain at risk.

South Africa saw the most significant increase in backdoor detections from Q1 to Q2 – by 140% to 11,872 cases, with the share of affected users increasing by 10%.

South Africa was followed by Nigeria – backdoor detection saw a significant increase of 83% to 2,624 cases, with the share of affected users increasing by 24%.

In Kenya, the number of detections increased in Q2 to 10,300 (53% increase from Q1), and the share of users affected by backdoors increased by 11%.

“Gaining insights into active cyberthreats is paramount for companies to protect their assets, and threat intelligence is the only component that can enable reliable and timely anticipation of complex backdoors,” Hasbini says.

“It gives cybersecurity teams full visibility of the network, web, email, PCs, laptops, servers and virtual machines in public clouds.”

Kelechi Deca

Kelechi Deca has over two decades of media experience. He has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travel, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry.