Block title

-

Hackers for hire!

- Advertisment -

Stern warning from Kaspersky for South Africa and Africa at large

Despite research showing an overall decrease in certain malware families and types in sub-Saharan Africa (SSA) in H1 2020 (36% decrease in South Africa, 26% decrease in Kenya and a 2.7% decrease in Nigeria), Kaspersky stresses that the human cyber threat remains rife, where Africa is not immune to the evolving techniques of Advanced Persistent Threats (APTs), as well as the possibilities of being a future target of hacking-for-hire threat actor groups and South Africa is not escaping!

Kaspersky research has found that globally, APT groups are evolving their techniques and are upgrading their toolset to continue stealing sensitive information. Furthermore, Kaspersky has seen a rise of hackers-for-hire or cyber mercenaries during the first two quarters of 2020. In fact, three cyber mercenary groups have been exposed across the world this year alone.

As this activity has taken place outside of Africa, Kaspersky suspect that these types of actors may have been somewhat forgotten and do not necessarily form part of cyber defence strategies. However, the region may become a focus of these groups in the coming months and thus, businesses and entities need to have an understanding of these emerging threats, along with the threat of APTs, to be prepared and take proactive steps towards effective cybersecurity.

Hackers for hire

Hackers-for-hire or cyber mercenaries do not necessarily have monetary motivations like traditional cybercrime. Instead, they steal private data to monetise it in a different way – usually for the purpose of providing advice or insights, based on the data, to share value of a competitive advantage. For example, a bank might get targeted and have its data analysed to gain an understanding of its market exposure, clients, and back-end systems. A competitor can use that to gain significant benefit. The reality is that in this evolving cyberthreat landscape, no company or government institution can consider themselves safe.

In South Africa, Kenya and Nigeria, APT groups are exploiting the current uncertainty around COVID-19 to steal sensitive information. More sophisticated techniques have emerged that delivers malware in non-conventional ways. While overall malware attacks in South Africa, Kenya and Nigeria decreased during the first two quarters of 2020, certain malware types, such as the STOP ransomware, are proving increasingly popular for certain cybercriminals. The same applies to financial malware in South Africa and Nigeria as examples. So, even though it decreased in these countries, certain financial malware types are gaining in popularity thanks to their unique techniques which these groups are exploiting to monetise data. This emphasises that attacks are becoming more targeted and at specific companies, in specific regions and for specific purposes.

 

The top industries under attack in Sub-Saharan Africa in H1 2020 include government, education, healthcare, and military. While government and military present compelling – and obvious – targets, education and healthcare are often used as pivot points to gain access to other institutions. Sometimes, an entity is a victim while other times it is the target.

The top three threat actors in these regions in this regard are TransparentTribe, Oilrig, and MuddyWater.

Says Maher Yamout, Senior Security Research, Global Research & Analysis Team at Kaspersky; “The remainder of the year will likely see APT groups and hacking-for-hire threat actors increase in prominence across the globe. Africa will continue to see more sophisticated APTs emerge and we also suspect that the hacking-for-hire actor type could target companies in Africa in the future. We also anticipate that cybercriminals will increase targeted ransomware deployment using different ways. These can range from trojanised cracked software to exploitation across the supply chain of the targeted industry. Data breaches will certainly become more commonplace especially as people will continue to work remotely for the foreseeable future while exposing their systems to the Internet without adequate protection.”

While prevention is ideal, detection is a must. Realistically, no organisation or government department can prevent everything. But if there is an understanding of the technology environment and having the ability to detect any deviation from the baseline, decision-makers will go to great strides in mitigating the risk of compromise and b understanding the threat dynamics, organisations can better protect themselves from evolving cyberattacks.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Latest articles

EM re-packes DEHNguard Basic surge protection

Surge protection is important to reduce stress on any equipment when load shedding switching surges occur, while higher lightning activity also means surges are...

Analyze MyDrives Edge is first drive edge application

As part of the digital enterprise SPS dialogue, Siemens is launching Analyze MyDrives Edge, its first edge application for drives. The company is demonstrating...

Touch-free automated entrances are safer

As the world continues to battle the COVID-19 pandemic, businesses are increasingly turning to technology to stabilise everyday life – with security and access...

Small E-Stop emergency button offers 360° visibility

RS Components (RS), has added the Eaton RMQ Small E-Stop to its emergency pushbutton portfolio. This compact device is around 30% smaller than standard...

Black Friday – High Risk: High Reward

By Howard Feldman, Head of Marketing & People at Synthesis. Black Friday is what happens when the dangerous mixture of anxiety and excitement is blended...

Cut your cake and eat it

Tectra Automation engineered a unique automated cake cutting system for Brenell Quality Desserts in Pietermaritzburg. The company’s previous solution for cake cutting was a...
- Advertisement -

Telviva completes buy-out of AnD Communications

Telviva, formerly Connection Telecom, has increased its shareholding in AnD Communications to 100% of the issued equity. This will not only strengthen the footprint...

SA manufacturing competition postponed for now

Exacerbated by the effects of the ongoing coronavirus pandemic, South Africa’s manufacturing sector is taking significant strain. Predominantly owing to constrained demand and production...

Senixview software – a fourth generation tool

SenixVIEW software, free with every ToughSonic PC configurable Senix Ultrasonic level and distance sensor, keeps improving and getting better. With SenixVIEW, users gain complete control...

Liquid Telecom and Zayo partner to expand coverage

Liquid Telecom has announced its partnership with Zayo Group Holdings, Inc., a global leader of communications infrastructure. The partnership will see Liquid Telecom and...

Visiting a trade fair from anywhere

Endress+Hauser invites you to its virtual trade fair booth In times of pandemic, face-to-face encounters are drastically restricted, and crowds of people are to be...