From 2023 to 2024, spyware attacks targeting businesses in Africa increased by 14%, according to Kaspersky. The surge in spyware incidents coincided with a rise in data theft attempts, highlighting the growing threat landscape. Spyware is designed to secretly monitor user activity and steal sensitive data, making it a significant cybersecurity concern. This increase was coupled with a 26% rise in password-stealing malware detections, which aims to harvest login credentials and other confidential information.
Kaspersky’s lead cybersecurity researcher, Maher Yamout, pointed out that several factors contributed to this spike in cyberattacks. The shift to hybrid work models and rapid digitalization, particularly in the B2B sector, have left businesses vulnerable to advanced threats. The lack of adequate cybersecurity investments in some African businesses has also played a role in this exposure. Yamout further noted that the expansion of digital financial services, coupled with low digital literacy rates, has made individuals in the B2C sector prime targets for cybercriminals.
In total, Kaspersky detected 131.6 million web threats in Africa last year, with significant attack attempts in Kenya, South Africa, and Morocco. The most common threats were phishing and ransomware, with over 66 million phishing link clicks recorded in the region. Among these, corporate users accounted for over 14.8 million phishing attempts. Furthermore, local on-device threats, including malware spread through USB drives and encrypted files, grew by 4%, impacting several African countries, notably Nigeria, Ethiopia, South Africa, Senegal, and Morocco.
To counter these growing threats, Yamout emphasized the importance of collaboration, investment in specialized cybersecurity training, and improving digital literacy. He advocated for initiatives like the African Cyber Surge operation to strengthen the continent’s digital resilience. These efforts, he argued, could provide a foundation for building a more secure digital ecosystem across Africa, ensuring better protection against future cyber threats.
Reference:
