African Nations Face Escalating Phishing & Compromised Password Cyberattacks

Cyberattacks against large enterprises in African nations ramped up in 2022, with Kenyan businesses reporting an 82% increase in such attacks, while South African and Zambian businesses recorded a 62% increase each.

According to a report from pan-African technology group Liquid C2, the top method of attack was via phishing or spam attacks (61%), with another 48% of incidents using compromised passwords. 

Jess Parnell, vice president of security operations at Centripetal, suspects that it's likely that cyberattackers are targeting businesses in Kenya, South Africa, and Zambia because they are all emerging economies with growing business sectors.

"Attackers may see these countries as attractive targets due to the potential for financial gain through various cybercrime activities, such as data theft, ransomware attacks, or financial fraud," he says.

Anna Collard, security evangelist at KnowBe4 Africa, says she feels the majority of attacks are still mostly opportunistic, such as ransomware gangs working through lists of compromised networks or credentials they get from access brokers, but the emerging economy aspect is certainly a factor in the targeting. 

"Ransomware-as-a-service groups shift their attention more towards emerging economies to get away from US based retaliation," she says, "and this makes Southern Africa or any economy with higher cyber-dependency on the continent an attractive target."

Africa Sees Increasing Cybersecurity Hiring 

Africa faces a growing 100,000-person gap in the number of certified cybersecurity professionals, according to the Liquid C2 report; yet all respondents in the report highlighted that they had advanced significantly in their cloud and digital strategies as well as in related cybersecurity capabilities.

Furthermore, 68% said they had appointed cybersecurity staff members, or signed up with a cybersecurity team, in the past year. Kenya had the highest percentage at 82%, followed by South Africa (63%) and Zambia (62%).

Parnell says the fact that attacks persisted regardless of the number of staff hired or cybersecurity investments suggests that simply investing in cybersecurity measures does not guarantee protection against cyber threats.

"Cybercriminals continually evolve their tactics, making it challenging for businesses to stay ahead of them," he says. "Therefore, it is crucial for organizations to adopt a proactive approach to threat intelligence powered cybersecurity and continuously update their defenses to mitigate risks."

He adds, "Defending against cyberattacks requires a multi-layered approach that includes implementing robust security measures, raising employee awareness about phishing and other common attack vectors, regularly updating software and systems, conducting vulnerability assessments, and promptly responding to security incidents. By prioritizing cybersecurity and taking proactive measures, businesses can better defend against attacks and minimize the potential impact of successful breaches."

Likewise, Klaus Schenk, senior vice president of security and threat research at Verimatrix, says that increasing cybersecurity staff could actually draw the wrong kind of attention: "In general, hiring specialized staff alone may not necessarily lead to a reduction in the number of cyberattacks. In some cases, it might even attract the attention of malicious actors who view it as a challenge or an opportunity to demonstrate their skills."

That said, clearly the benefits outweigh the risk, he adds. "Augmenting your cybersecurity team can significantly mitigate the impact of cyberattacks on your business," he notes. "The ultimate goal should be to minimize the occurrence of such attacks and ideally achieve a state where they have no impact whatsoever."