As the digital landscape expands across Africa, the continent remains a hotspot for cybercrime in 2023, with significant threats identified in web attacks, phishing, attacks on industrial control systems (ICS), and Internet of Things (IoT) devices.
During a recent press conference in Johannesburg, cybersecurity experts from Kaspersky highlighted the growing cybercrime concerns and provided detailed insights into the current cyberthreat landscape in Africa, focusing on the third quarter of 2023 and offering projections for 2024.
In South Africa, the number of corporate users impacted by web threats soared by 24% from the second to the third quarter of 2023. Despite this surge, a year-on-year comparison from the third quarter of 2022 to 2023 reveals an 8% decrease in corporate web threat victims.
Phishing, a cybercrime practice aimed at stealing personal information, has seen a dramatic increase in South Africa. Corporate users experienced a 134% spike in phishing attacks from the second to the third quarter of 2023, and a 16% increase compared to the same period in 2022.
Africa, including South Africa, is witnessing a high frequency of attacks on ICS computers, which are pivotal in sectors like energy, mining, and automation. Kaspersky’s ICS CERT reported attacks on 32% of ICS computers in Africa and 22% in South Africa during the third quarter of 2023, compared to a 25% global average. Notably, all these attacks were successfully blocked by Kaspersky’s security solutions.
IoT Devices: A Growing Target
The IoT domain, encompassing everything from smart appliances to automated systems, has become increasingly vulnerable. In the third quarter of 2023, South Africa accounted for 28% of the African region’s IoT device attacks detected by Kaspersky. Kenya and Nigeria followed, with 12% and 6% respectively.
David Emm, a Principal Cybersecurity Researcher at Kaspersky, forecasts a dynamic evolution of cyberthreats into 2024. He predicts an increase in state-sponsored cyber-attacks and ‘hacktivism’, along with the rising use of AI in spear-phishing and vulnerabilities in mobile and IoT devices. Emm emphasizes the need for businesses to adopt advanced technologies like threat feeds, security information and event management systems, endpoint detection, and digital forensics to combat these evolving threats.
As cybercrime continues to evolve, African nations, including Kenya, are urged to enhance their cybersecurity measures to protect against these increasing threats.