CYBERATTACKS against African governments have doubled with a record 29% cyber attacks recorded this year alone, a 2023-24 report by Positive Technologies - a results-driven cybersecurity firm, has revealed .
According to the report, there has been a rise in attacks on government entities (29%) and financial companies (22%).
“The share of attacks against the government sector among all attacks on organizations in Africa is twice as much as was found in our previous research,” says Anastasia Bezborodko, an analyst from the International Analytics Group at Positive Technologies.
Such attacks are frequently conducted by hacktivists and organized hacking organizations seeking espionage and financial gain.
Positive Technologies claims that while access to corporate networks may be purchased for an average of US$2 970, over half of the records pertaining to African nations are freely available on the dark web. “Most often, government institutions are targeted by APT groups (46%) aiming to collect data and perform cyberespionage, as well as by hacktivists (18%).
Cybercriminals primarily target government institutions in Nigeria (27%), Algeria (17%), Ethiopia (12%), and South Africa (12%), according to dark web data, further stated Bezborodko.
Open-source data indicates that Egypt accounted for 13% and South Africa for 22% of all cyberattacks.
In the meantime, an examination of posts on the dark web forums showed that the main targets of these messages were Algeria (13%), Nigeria (18%), and South Africa (25%). More than half (64%) of the databases mentioned in the majority of dark web listings (61%) are freely available.
In addition, criminals trade information to get access to the networks of significant African businesses (38% of all messages examined on the dark web). Seventy-four percent of these posts discuss selling access, with an average price of US$2 970. The rise in cyberattacks in Africa poses a cybersecurity challenge raising the question of how Zimbabwe can protect its digital infrastructure.
“To ensure cyber resilience, experts recommend that organizations conduct risk analysis, put together a list of events that could cause irreparable damage, regularly update systems and applications, and continuously check the effectiveness and relevance of security mechanisms and tools in place. Organizations should also host educational events to teach employees basic security rules and allocate budgets for training cybersecurity specialists,” says Positive Technologies.
Experts advise establishing solid collaborations between the public and business sectors to enhance cybersecurity. It's also critical to improve global cooperation, exchange information, and share experiences about contemporary cyberthreats and defense strategies.