At GITEX Africa Kaspersky revealed the dynamics for cyberthreats in the African region as per the latest anonymized data from the Kaspersky Security Network (KSN)*. Kenya, South Africa, Morocco and Nigeria were among the most attacked countries, and from 2023 to 2024 African businesses got targeted by web threats, on-device threats, and attacks aiming to steal data. Detailed information about Africa’s cyberthreat landscape is available in Kaspersky’s new report.
Web-based threats, or online threats, are a category of cybersecurity risks that may cause an undesirable event or action affecting users browsing the internet. According to Kaspersky data, there were 131 580 587 web threats detected in 2024 in the African region. Businesses got targeted by web threats more often in 2024 than in 2023, with threat detections increasing by 1.2%.
Kenya, South Africa and Morocco are the top 3 countries in the region by the number of detected web threats. Throughout 2024, there were almost 20 mln attack attempts in Kenya, almost 17 mln in South Africa, and 12.6 mln in Morocco.
Local (on device) threats include malware that is spread via removable USB drives, CDs and DVDs, or that initially makes its way onto a computer in non-open form (for example, programs in complex installers, encrypted files, etc.). According to Kaspersky telemetry, local (on device) threat detections in organizations in the African region in 2024 increased by 4% compared to 2023. Morocco, Senegal, Nigeria, South Africa and Ethiopia were among the countries that saw growth in local threats detected in organizations.
There has been a spike in threats related to data theft. According to Kaspersky data, there was a 14% growth in spyware attack detections on businesses in the African region from 2023 to 2024. Spyware is secretly installed on a user’s computer to monitor their actions and collect their data.
Additionally, there has been a 26% increase in password stealer detections. Password stealers are a type of malware designed to harvest login credentials and other sensitive data. Kenya, Morocco and South Africa were the top countries by the number of password stealer attack attempts, followed by Tanzania, Namibia, Uganda and Senegal.
“Africa’s rapid digital expansion has brought significant opportunities, but it has also exposed the continent to a growing array of cyberthreats. Our statistics show an increase in attack detections for several types of cyberthreats, and the factors driving these increases are multifaceted. In the B2B sector, the continuing shift toward hybrid work models and the rush to digitize operations — often outpacing cybersecurity investments — may leave African businesses exposed to advanced persistent threats. In the B2C space, the explosion of digital financial services, coupled with low digital literacy rates, makes individuals prime targets for opportunistic attacks. Organizations in Africa should prioritize a unified approach by enhancing collaboration, investing in specialized cybersecurity training, and promoting digital literacy to effectively combat the rising tide of cybercrime. Initiatives like the African Cyber Surge operation and targeted educational programs can serve as blueprints for building a resilient digital ecosystem across the continent,” comments Maher Yamout, Lead Cybersecurity Researcher with Kaspersky Global Research and Analysis Team (GReAT).
To stay protected, follow the recommendations below.
Individual users:
- Do not download and install applications from untrusted sources
- Do not click on any links from unknown sources or suspicious online advertisements
- Always use two-factor authentication when available. Create strong and unique passwords, using a mix of lower-case and upper-case letters, numbers, and punctuation. Use a reliable password manager to help to remember them
- Always install updates when they become available; they contain fixes for critical security issues
- Ignore messages asking to disable security systems for office or cybersecurity software
- Use a robust security solution appropriate to your system type and devices, such as Kaspersky Premium
Organizations:
- Always keep software updated on all the devices you use to prevent attackers from infiltrating your network by exploiting vulnerabilities
- Do not expose remote desktop services (such as RDP) to public networks unless absolutely necessary and always use strong passwords for them
- Use solutions such as Kaspersky NEXT EDR Expert for comprehensive visibility across all endpoints on a company’s corporate network to get superior defense, automate routine EDR tasks, enable analysts to speedily hunt out, prioritize, investigate, and neutralize complex threats and APT-like attacks
- Use the latest Threat Intelligence information to stay aware of actual TTPs used by threat actors
- Back up the corporate data regularly. Backups should be isolated from the network. Make sure you can quickly access the backups in an emergency if needed
Kaspersky Africa Cyberthreat Landscape Report is available by this link.
Join Kaspersky at GITEX Africa at stand 13C-20, Hall 13.
* Data sent to Kaspersky is anonymized and protected, even in transit, in accordance with stringent industry standards including encryption, digital certificates, segregated storage and strict data access policies. Learn more about KSN here: https://www.kaspersky.com/ksn
