Over half of cyberattacks in Africa target government, finance sectors, study finds

6 Min Read

A Russian cybersecurity company has released an analysis of the cyber threats facing the African continent with a focus on years 2023-2024. The report highlights a significant increase in attacks targeting government and financial sectors. This rise is mainly attributed to organised hacker groups driven by financial gain and espionage, along with a surge in hacktivist activity.

The report, released during the first Russia-Africa Ministerial Conference in Sochi, Russia, states that more than half of the databases related to African countries are distributed for free on the dark web, with access to corporate networks available for an average price of USD 2,970.

In Africa, the report shows that government institutions and financial companies account for 29% and 22% of all successful attacks on organisations, respectively. An analysis of messages on dark web forums confirms that these sectors attract the greatest interest from cybercriminals, representing 19% and 13% of all darknet listings.

Anastasia Bezborodko, an analyst with the International Analytics Group at Positive Technologies, commented: “The share of attacks against the government sector among all attacks on organizations in Africa is twice as much as was found in our previous research. Most often, government institutions are targeted by APT groups (46%) aiming to collect data and perform cyberespionage, as well as by hacktivists (18%). Cybercriminals primarily target government institutions in Nigeria (27%), Algeria (17%), Ethiopia (12%), and South Africa (12%), according to dark web data,”

- Advertisement -
Ad imageAd image

“Attacks on the financial sector also increased, rising from 18% to 22% of all successful attacks. On the dark web, posts related to Africa’s government sector typically mention free distribution of information (66%), while those related to financial institutions focus on selling data and access (64%).”Additionally, the firm confirmed that one in ten successful cyberattacks in the region targeted the industrial sector, primarily aiming to disrupt production processes and steal confidential information. Another 10% of attacks focused on telecommunications, with cybercriminals attracted by the vast amounts of personal data and customer payment information available,” added Bezborodko

In attacks on organisations, the report revealed that criminals most frequently targeted computers, servers, and network equipment (65%). This indicates inadequate infrastructure protection, including vulnerabilities at network perimeters and poorly configured externally accessible services. Furthermore, attacks on web resources surged from 15% to 27%, with DDoS attacks accounting for half of this increase.

Malware, it emerged was the most prevalent method employed in cyberattacks, accounting for 43% of incidents targeting organisations and 53% targeting individuals. In nearly one-third of successful attacks on companies, cybercriminals employed ransomware, while spyware was used in one in four cases. Additionally, hackers exploited vulnerabilities in 18% of attacks on organisations.

The primary consequence of cyberattacks was unauthorised access to confidential information, affecting 61% of organisations and 53% of individuals. Disruption of core business operations was another significant outcome, occurring in 18% of successful attacks.

According to open-source data, a notable proportion of cyberattacks occurred in South Africa (22%) and Egypt (13%). Analysis of posts on dark web forums indicated that these messages predominantly targeted South Africa (25%), Nigeria (18%), and Algeria (13%). The majority of dark web listings featured databases (61%), with more than half of these databases (64%) offered for free. Criminals also sell data allowing access to the networks of major African companies, which constituted 38% of all analysed dark web communications. Most posts (74%) pertained to the sale of access, with an average price of $2,970.

The revelation comes at a time Moscow is promising to share its technologies and innovations with Africa to enhance development prospects, particularly in the fields of digitalization, information security, and space technology.

In recent years, the implementation of digital technologies across various sectors in Africa has opened new opportunities for cybercriminals. To enhance the region’s cybersecurity and combat future cybercrimes, experts at Positive Technologies recommend adopting protective measures, such as developing and regularly updating cybersecurity strategies and identifying critical information infrastructure whose disruption could lead to intolerable events at both industry and national levels.

To ensure cyber resilience, organisations are advised to conduct risk analyses, create a list of events that could cause irreparable damage, regularly update systems and applications, and continuously evaluate the effectiveness and relevance of their security mechanisms and tools. They should also host educational events to teach employees basic security principles and allocate budgets for training cybersecurity specialists.

To improve overall cybersecurity, cyber experts advocate for fostering strong partnerships between government and private sectors. Additionally, strengthening international collaboration, sharing knowledge, and exchanging experiences regarding current cyberthreats and protection measures are deemed essential.

The Ministerial conference, the first one between China and Africa, has attracted more than 1,200 delegates. It is the culmination of last year’s Russia-Africa Summit where heads of state and government made a commitment to consolidate existing partnerships while establishing others.

 

Share This Article