The number of financial malware attacks reported in SA during the first half of the year have increased by more than 10 400 over the comparative period last year, according to Kaspersky research.
The security giant attributes this to a combination of increasingly sophisticated propagation technologies and continued economic uncertainties resulting from the COVID-19 pandemic.
“Of these attacks, 24% targeted corporate users. This makes financial malware attacks a significant cyber security risk facing the local market today across both the consumer and business sectors,” says Bethwel Opil, enterprise sales manager at Kaspersky in Africa.
Local businesses have become susceptible to financial malware as the number of employees working outside corporate network increases.
This distributed workforce makes protecting personal endpoint devices of staff, who need to access back-end systems to continue performing their job functions, that much more critical.
According to Opil, the increase in financial malware attacks in SA highlights the urgent need for cyber security awareness training programmes and substantiates Kaspersky’s focus around this into the corporate landscape.
“What is also interesting to note and mention, is that Kenya and Nigeria, two other African countries that we monitor closely, show a different picture, having seen a decrease in financial malware attacks by 68% and 35% respectively.”
However, Ethiopia has seen a staggering 142% increase in H1 2021. “In my opinion, this makes it difficult to pinpoint a particular targeted country or sector at any specific time. In fact, it reiterates our message that malware, and other cyber crime, is a global, persistent problem that needs to be protected against.”
Some of the best practices that must be employed include having employees only install applications from reliable sources, such as official app stores, and when doing so, they must always examine the permissions the application requests.
“If these permissions do not match the intended function of the programme, then it must be questioned and brought to the attention of the IT administrator,” Opil adds.
Kaspersky recommends that beyond the fundamental cyber security solutions and training, organisations should consider using the likes of anti-advanced persistent threat and endpoint detection and response technologies to further shore up the defensive posture of the network environment.
“With the landscape unlikely to change for the foreseeable future, it is best to combine sophisticated cyber security solutions with continuously evolving training to keep employees appraised of the latest threats especially when it comes to financial malware,” ends Opil.
Share