Yuliya Shlychkova, Vice President, Global Public Affairs, Kaspersky
Dmitry Fonarev, Senior Public Affairs Manager, Kaspersky
In May 2024, INTERPOL released the third edition of the African Cyberthreat Assessment Report. This report presents a comprehensive overview of the cyberthreat landscape on the continent, identifying principal threat actors, national efforts made by African states to counter malicious operations, and strategic recommendations for a safer digital future. As in previous years, Kaspersky contributed to the document with its intelligence data and vast expertise in mitigating risks in the field of cybersecurity.
The new INTERPOL report highlights alarming trends regarding the escalating cyberthreats in Africa. In 2023, the number of cybercrime assaults continued to increase across the region and reached the highest average in the world. Ransomware emerged as one of the most serious and widespread attack vectors, targeting critical infrastructure, financial institutions, and manufacturing facilities, among others. Notably, in just a single week in February 2023, Kaspersky detected about 300 cases of ransomware attempts in South Africa. Globally, Kaspersky experts discovered 43 new families and more than 23,000 modifications of ransomware between November 2022 and October 2023.
According to the report, African countries are particularly susceptible to digital extortion, phishing and other online scams, such as business email compromise (BEC). A cyberattack method targeting both businesses and individuals by exploiting trusted relationships, BEC is on the rise across the continent and poses a significant threat to the financial sector. Although prior to 2023 these attacks were characterized by poor grammar and style, criminals now send far more convincing emails to potential victims in their native languages.
The surge in such hybrid threats is facilitated by the development and increasing use of sophisticated technologies with malicious intentions. In this context, particular emphasis is placed on the impact that the misuse of artificial intelligence (AI) has on African citizens and enterprises. For instance, cybercriminals exploit AI-generated content to impersonate high-level officials or executives with the purpose of stealing funds or valuable confidential data. Additionally, attackers resort to using synthetic images and videos to implement advanced social engineering techniques, obtaining sensitive personal information to extort their victims. Meanwhile, according to the recent Kaspersky Business Digitization Survey, only 25% of employees surveyed in the Middle East, Turkey and Africa (META) region could distinguish a real image from an AI-generated one.
As a leading global company and a responsible contributor to the African cybersecurity ecosystem, Kaspersky firmly supports INTERPOL’s and AFRIPOL’s efforts to prevent and disrupt cybercrime attacks across the region and shares their holistic approach towards creating a more cyber-resilient environment within the continent. To achieve this objective, countries along with regional and international organizations should maintain a close dialogue, focused on the following:
- Enhanced cooperation. Concerted interaction among African stakeholders, including policymakers, the private sector, academia, etc., – both at national and international levels – lays the foundation for effectively dismantling cybercriminal groups and thwarting attacks. One vivid example of this collaboration is the African Cyber Surge II operation, which began in April 2023 and lasted four months, involving 25 countries in the region. Within its framework, Kaspersky shared indicators of compromise (IoC), data on malicious servers, fake IP addresses, as well as phishing links and domains with INTERPOL. The operation, supported by other police agency partners, resulted in the arrest of 14 individuals and revealed the delinquents’ network infrastructure. Success stories such as these could be an additional impetus to strengthen multistakeholder partnerships in the fight against cybercrime.
- Capacity building. Given the relatively recent emergence but rapid development of digital technologies in Africa, the lack of competent professionals to protect IT infrastructure from cyberattacks both within and outside the region is a significant concern. As a result, growing investments are needed in comprehensive training programs in cybersecurity, ethical hacking and digital forensics. The corporate sector could actively cooperate with governments, among others, to enhance the cybersecurity and cryptography skills of law enforcement agency personnel through technical training programs, such as Kaspersky Expert Training courses.
- Digital literacy. Raising cybersecurity awareness is crucial for bridging the digital gap in African countries. Specific educational initiatives need to be inclusive and target all social groups, but with more than 60% of the continent's population under the age of 25, the focus should be on the younger generation. Public authorities should therefore incorporate cyber hygiene into school and university educational programs. Additionally, the corporate sector could assist in this endeavor by elaborating training materials and conducting literacy campaigns.
In conclusion, the emerging dynamics of cyberattacks and the rapidly evolving threat landscape in Africa have a tangible negative impact on financial stability of large numbers of Africans. However, these risks also present an opportunity for fostering a stronger regional dialogue on combating cybercrime and preventing threats.