Economic uncertainty to shape cyber crime in Africa

While countries around the world have had to deal with the COVID-19 pandemic, developing economies in Africa have been particularly hard hit by national lockdowns and resricted business activity.

“Thanks to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – something we are already seeing,” says Lehan van den Heever, enterprise cyber security advisor for Kaspersky in Africa.

Although the increase in cyber crime will vary by country, he says African nations must prepare themselves for the inevitability of a malware growth spurt.

Van den Heever says adding to the pressure is an expected rise in, and change in tactics of, advanced persistent threats (APTs). 

“Our researchers anticipate that in 2021 [...] there will be a change in threat actors’ approach to the execution of APT attacks and as such, organisations must pay special attention to generic malware as it will likely be used to deploy more sophisticated threats.”

Kaspersky also warns of the proliferation of hackers-for-hire and cyber mercenary groups that have both SMEs and financial institutions in their cross hairs.

According to Van den Heever, organisations are under increasing pressure to make themselves stand out in today’s highly competitive market as they struggle to keep afloat during these trying times.

COVID-19 has only exacerbated the situation and the current landscape may likely lead to bankruptcy and an increase in legal disputes in court, he adds. “This makes an ideal breeding ground for these malicious groups to operate in. And although such activity has not been rife in Africa yet, the region is not immune to this cyber threat.”

Cyber mercenaries are hired to look for sensitive, confidential information that can be used in disputes to influence court rulings or to steal IP and other proprietary data, to provide their ‘employers’ with competitive intelligence to get ahead in the market.

In addition, van den Heever believes that the normalisation of remote working will put existing organisational IT systems under increased pressure as they must contend with an influx in connections into the corporate back-end.

“More companies are exposing their systems online while their focus turns to always-on availability,” he adds. However, few of them have considered how to adapt their cyber security controls to the new environment, resulting in certain databases and systems inevitably being left open to intruders. This will lead to an increase in cyber crime over the next few months with many companies racing to tighten their security, he says.

“This year is going to be a watershed for cyber security as organisations start realising the importance of having an integrated and threat intelligent approach to safeguard their systems and data against increasingly sophisticated threat agents,” van den Heever ends.