Illegal access to data a serious threat to Africa

Cyber attacks on businesses in three key technology hubs – Kenya, South Africa and Zambia, have increased by 76%. 

This is according to research released yesterday by cloud and security services provider Liquid C2.

The Cassava Group company warned that illegal access to data remains the biggest cyber security threat to businesses in Africa as it shared the findings of its latest cyber security report ‘The Evolving Cyber Security Landscape in Africa in 2022’.

Kenyan businesses reported an 82% increase in cyber attacks, while South African and Zambian businesses recorded a 62% increase.

According to the report, the top method of attack used by cyber criminals was through e-mail, using phishing or spam attacks (61%), with attacks through compromised passwords (48%) and data breaches (44%) being the second and third most common.

Companies participating in the research said most  breaches (61%) occurred as a result of remote or hybrid working.

Liquid’s report states that businesses have expressed confidence in their security mitigation processes and investments, but also concern over email a-ttacks, data breaches and malware.

An excerpt from the report reads: “… on the one hand, companies know that the threats have become more sophisticated and capable, but on the other, they believe they’ve done enough to protect against them. The reason for this conflict is that they feel they have done more to support security than in the past but are aware that there remain threats that they should be concerned about that may yet result in significant business impact in the future."

David Behr, CEO of Liquid C2, says, “The biggest concern emerging from this report is that companies are saying that they've put a lot more cyber security controls in place. With threats evolving faster than security systems, companies cannot afford to get complacent. The report highlights that businesses must be consistently vigilant about the ever-evolving cyber crime landscape and the methods malicious actors use to breach cyber security measures. As the report shows, complacency is a luxury no one can afford."

Richard Muthua, executive head, cloud and cyber security at Liquid Kenya, says 72% of respondents are concerned about hacking and unauthorised access to their organisation’s information systems and assets. Access to, and control of, data residing in the cloud and the requisite visibility, as well as exposure to risk because of the hybrid working model, are dominant issues.

Shuko Chunga, country executive head, Liquid Zambia, says 93% of Zambian business identified e-mail attacks like phishing and spam as the biggest cyber security threats.

Chunga adds that in the emerging cyber security market, the demand for skills remains high and there is limited supply.

The research also pointed out the challenge of compliance with regulation as many businesses struggle to align their security positions with regulatory demands.

Behr adds, "The research highlights that over half of all large enterprises in the three countries were victims of a successful cyberattack, with 90% of them being Kenyan businesses. Increasingly sophisticated methods like Cybercrime-as-a-Service (CaaS) are becoming more popular in Africa, meaning businesses can no longer rely on outdated technologies and processes.”

Liquid executives believe there will be an increase in spend on cyber security within the markets covered in the report.