/ 19 May 2023

Spyware attacks in South Africa increase by 18.8%

Pegasus works on phones running Android
Pegasus works on phones running Android

Spyware attacks in South Africa increased by 18.8% between the last quarter of 2022 and first quarter of 2023, and were up 12.9% and 14.6% in Kenya and Nigeria respectively, a recently released report said.

The report by cyber security company Kaspersky was issued after a conference held in Almaty in Kazakhstan.

Spyware continues to be a threat to users of different types of devices in different organisations in South Africa, with sub-sea cable operator Seacom experiencing a  security incident earlier this month.

“South Africa remains the most targeted African country in terms of ransomware and business email compromise. With a torrent of new cyber attacks, the last couple of years were the worst on record,” Seacom said. “More than half of South African firms were impacted by ransomware in the past year.”

According to Interpol’s African Cyber Threat Assessment Report, almost 220 million email threats were detected in South Africa in 2021. Postbank, for example, lost more than R18 million over three months in such attacks. 

The state bank witnessed more than 100 000 fraudulent emails imitating the entity, further losing more than R400 million to recover its IT systems, according to private cyber security company Mimecast.

Cyber attacks also frequently take place in other parts of Africa. Kaspersky said it had blocked more than 30 000 mobile malware attacks combined in Nigeria, Kenya, and South Africa between January and June 2021 

According to the 2022-23 Cyber Security report by the Kenya Communication Authority, the East African country recorded over two million cyber threats.

“Ransomware continues to be a major cybersecurity challenge affecting organisations and individuals across different sectors,” it said.

The Nigerian government said on Tuesday it had recorded a total of 12.9 million cyber attacks, originating from both in and outside the country during the February presidential elections. 

Various measures put in place by the government ensured that these attacks were blocked and escalated to the relevant institutions for appropriate action, the government said in a statement.

Jeanette Smith, head of communications and marketing at nonprofit educational organisation ORT SA, described the 2016 cyberattack it experienced as “catastrophic”.

“The cyber attack resulted in the complete loss of our data. This incident served as a wake-up call, prompting us to reevaluate our cybersecurity measures and develop a robust strategy to prevent future attacks,” she said.

“Through a combination of knowledgeable IT providers, ongoing staff education, regular testing and training, specialised courses, and comprehensive integration, we have created a resilient cybersecurity framework that safeguards our valuable data and ensures the protection of our organisation.”

Kaspersky said it has partnered with Centerm, a provider of thin client, mini PC and smart terminal systems, to produce the world’s first thin client device with cyber immunity that requires no additional antivirus protection tools.

The company believes that this new approach is suitable for many areas where a large number of workstations with similar tasks and a standard set of applications are used in the public sector, educational institutions, manufacturing and production plants, the fuel and energy sector, healthcare, financial organisations, retail firms and others.

Seacom advised institutions and businesses looking to build up their resilience to cyber threats to upgrade their approach to digital security. 

“Cyber security awareness training, combined with the right cyber security solutions, have become a necessary expense for both large and small businesses organisations,” it said.