Economic turbulence and the impact of Covid-19 is expected to contribute to an increase in cybercrime across South Africa, Kenya and Nigeria this year, says cybersecurity multinational Kaspersky in Africa Enterprise cybersecurity adviser Lehan van den Heever.
While every country globally has had to deal with the pandemic, developing economies across Africa have been especially hard-hit by national lockdowns and limited business activity. Owing to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – "something we are already seeing", he says.
"While the increase in these crimes will vary by country, African nations must prepare themselves for the inevitability of increases in malware, with Kaspersky research identifying 28-million malware samples in Africa by August 2020."
Alongside changes in strategy, further pressure is expected from the rise in advanced persistent threats (APTs).
“Our researchers anticipate that, in 2021, across the globe, and Africa is not immune, there will be a change in threat actors’ approach to the execution of APT attacks and, as such, organisations must pay special attention to generic malware as it will likely be used to deploy more sophisticated threats.”
Compounding this is the concern around hackers-for-hire and cyber mercenary groups targeting small and medium-sized enterprises and financial institutions, adds Van den Heever.
“Businesses are under pressure to differentiate themselves in a highly competitive market and struggle to survive these trying times, amplified further by the effects of Covid-19. This may lead to bankruptcies and an increase in legal disputes in court. This makes an ideal breeding ground for malicious groups to operate in. Further, although such activity has not been rife in Africa yet, the region is not immune to this cyberthreat.”
Van den Heever adds that the normalisation of remote working will put existing organisational information technology systems under further pressure, as companies must now contend with an influx in connections into the corporate back-end.
“More companies are exposing their systems online while their focus turns to always-on availability. However, few of them have considered how to adapt their cybersecurity controls to this new environment. This results in some databases and systems being left open to intruders,” he says.
Therefore, data breaches across Africa are expected to increase in the coming months while many companies are racing to tighten their security.
“This year is going to be a watershed for cybersecurity as organisations realise the importance of having an integrated and threat-intelligent approach to safeguard their systems and data against increasingly sophisticated threat agents,” he concludes.