There is a common misconception that the most dangerous threats to encounter on modern users’ digital journeys are likely to appear during Internet surfing. The reality, however, based on the most recent analysis of cyberattacks in South Africa, Kenya and Nigeria in 2020 by Kaspersky experts demonstrates that users are in fact more likely to face malware-related attacks hidden within their devices.
Such threats are classified as “local”, which means they are detected either on users’ devices or on portable data storage devices, such as flash-drives.
In 2020, 25 per cent of Kaspersky private users in South Africa, 40 per cent in Kenya and 38 per cent in Nigeria were attacked by such threats. To provide a comparison, web attacks only affected nine per cent of users in South Africa, 11 per cent in Kenya and eight per cent in Nigeria.
When looking at corporate users in these regions, the numbers show similar pattern: 23 per cent of corporate users in South Africa, 29 per cent in Kenya and 35 per cent in Nigeria encountered such local threats within 2020.
Unfortunately, there has been an increase in the sophistication of such threats, which may be hiding on the user’s device within a seemingly legitimate file for a while, to fly under the radar and only strike later.
“The cyber threat landscape across Africa is constantly evolving,” says Denis Parinov, a cybersecurity expert at Kaspersky.
“A few years ago, there were much more drive-by attacks – cases when different malicious software is downloaded and being run while the user simply browses the Internet.
Nowadays, most of the web-threats “stays in browser”: they specialise in content replacement, browser locking or clickjacking, online-skimming, cookie stuffing, etc. Now the situation when a user could download a malicious file directly is not too often.
It’s more common for a malware to be disguised as something else to hide from the security solutions, remaining an unseen threat to users. The good news however is that modern security solutions are too advanced for such malware to fly under radars – it is more likely to be blocked either during the initial scan of the file by a security solution that happens by default or within the very moment such programs attempt to launch.”
To protect against cyber threats including malware, Kaspersky recommends that users avoid dubious links from letters, messages in instant messengers or short text messages.
“Regularly install updates for the operating system and applications; install applications only from official stores and use complex and different passwords for accounts,” Kaspersky says.
The app giant further advises user to regularly copy important data from their device to the cloud, to a USB flash drive or hard drive, to avoid infection. To further ward off the threat, it advises users against allowing applications access to functions that they do not need.
The company points out, “Install a reliable security solution such as Kaspersky Internet Security.”
In addition, companies are encouraged to provide training to improve cyber literacy among their employees. For example, use of the automated platform Kaspersky to develop safe behaviour skills and form sustainable cybersecurity habits.
“The solution allows the company to assess the current knowledge of an employee in the field of cybersecurity and in accordance with this, determine the set of skills that the employee needs depending on job duties and risk profile and build a timetable for the programme,” according to Kaspersky.
- A Tell report