SA continues to be a prime target for cybercriminals looking to fleece consumers, businesses and the government, with criminals now focusing more on high-yielding attacks and leveraging the power of artificial intelligence (AI).
A new report from cybersecurity firm Trend Micro shows that it blocked more than 159-million email threats, about 8-million malicious URLs or links and more than 22-million malicious mobile apps targeted at SA businesses and consumers in 2023.
The firm noted that threat actors have shifted from “big-batch attacks” to focus on a narrower range of more lucrative targets. Such players have tended to wear down people and a company’s digital security measures by exploiting a large volume of attacks.
“Our latest data shows that threat actors are fine-tuning their operations, shifting away from large-scale attacks, and instead focusing on a smaller range of targets, but with higher victim profiles for maximum gain with minimum effort,” said Gareth Redelinghuys, country MD, African Cluster at Trend Micro.
“As they continue to double down on tried and tested techniques, they are also delegating and streamlining operations, resulting in bolder, more effective strikes.”
Our latest data shows that threat actors are fine-tuning their operations, shifting away from large-scale attacks, and instead focusing on a smaller range of targets, but with higher victim profiles for maximum gain with minimum effort.
— Gareth Redelinghuys
Though almost 40,000 ransomware attacks were blocked by Trend Micro in SA in 2023, year-on-year research shows that ransomware groups are working smarter instead of harder, prioritising high-value targets over volume.
Ransomware is a type of malware that encrypts a victim’s data, making it inaccessible until a ransom is paid.
The firm noted a general downward trend in ransomware detection, with worldwide detections from 2021 to 2023 averaging less than half the recorded detections in 2020. Last year, Trend Micro reported that in just the first half of 2023, nearly 15-million malware (malicious software) families were blocked by its systems in SA.
However, this should not be misconstrued as a cue for security operations centres and decisionmakers to lower their guard, warns the firm.
Safeguarding against these issues is top of mind for many organisations, but more can be done.
A separate study by KnowBe4, a cybersecurity training company, shows a moderate level of readiness in security culture across the African continent.
The firm highlights that the continent “faces escalating cyber risks amid rapid technological advancements”. Challenges, including limited resources, inadequate cyber awareness, and economic constraints, marked the continent’s cybersecurity landscape in 2023.
In its global measure to evaluate organisations based on their approach to security, Kenya, Nigeria, and Ghana had the highest scores at 76, 75 and 74, respectively. KnowBe4 says these countries led the charge in cybersecurity readiness, “showcasing robust strategies backed by local governments”, with Ghana having the biggest improvement.
As the use and adoption of AI grew after ChatGPT’s breakthrough and rise in popularity over the past year, criminals have begun to use the technology to intensify their attacks.
“With a security culture score of 72, it’s important to address the findings from a separate survey on generative AI (GgenAI) adoption by organisations in SA,” said Anna Collard, senior vice-president for content strategy at KnowBe4 Africa.
She said the survey identified regulatory gaps and a lack of training in countering AI-generated misinformation, highlighting the need for regulations, training programmes, and partnerships to tackle cyberthreats such as deepfakes, especially during the upcoming elections.
Trend Micro’s research shows that over the course of 2023, AI-backed automation proved “most useful in mining data sets for actionable information, while generative AI has made phishing on mass scale virtually effortless with error-free and convincing messages.”
The SA Council for Scientific and Industrial Research (CSIR) expects an increase in cyberattacks targeting important infrastructure and government bodies in the coming days until South Africans go to the polls.
“This highlights the urgent need for stronger cybersecurity measures to protect both public and private sectors, communities, and national economies,” Collard said.
Would you like to comment on this article?
Sign up (it's quick and free) or sign in now.
Please read our Comment Policy before commenting.