Mobile Malware Attacks on the Rise in SA
South Africa saw a 6% rise in mobile malware attacks in the first quarter of 2019 while malware attacks, in general, were up 22% compared to the same quarter last year.
This according to Riaan Badenhorst, general manager of Kaspersky in Africa, who was sharing the company's research statistics with Connecting Africa.
Badenhorst said that Kaspersky research showed over 21 million malware attacks in Q1 2019 in South Africa and over 53,800 mobile malware attacks in the same period. There were also 970,557 phishing attacks in the first quarter in SA, which is an average of 10.8 per day.
"As the world becomes more mobile, the role of smartphones in business processes and day to day life is growing rapidly. In response to this, cybercriminals are paying more attention to how they are distributing malware and the attack vectors they make use of. Mobile is one such channel that is proving effective and therefore we have seen an increase in these attacks," Badenhorst explained.
"The channels through which malware is delivered to users and infects their devices is a key part of the success of a malicious campaign today, taking advantage of those users who do not have any security solutions installed on their mobile phones. Particularly, we are seeing an increase in malware designed to bypass system protection and deliver all sorts of malware, from banking Trojans to ransomware," he added.
In the broader Middle East, Africa and Turkey (META) region Kaspersky reported more than 150 million malware attacks in Q1 alone, representing an average of 1.6 million attacks per day, and a huge 108% increase over the same quarter in 2018.
"With some of the highest mobile phone penetration rates in the world, it is no surprise that the META region also attracts a significant share of malware attacks targeted at mobiles. Mobile malware attacks in META in Q1 2019 numbered more than 368,000, an average of 4,098 per day, and a spike of 118% when compared to Q1 2018," Badenhorst said.
Kaspersky found that in the META region, there were 5.83 million phishing attacks over the three month period, which worked out to a daily average of 64,000 and a 334% increase year-on-year.
There were also 3.16m attacks associated with crypto-mining malware in the region in the period, a 146% increase year-on-year, while ransomware attacks came in at 193,000 for the period, which was an 18% decrease compared to a year ago.
In terms of phishing attacks, Badenhorst said that human error plays a large role.
"In 2017, Kaspersky reported that 59% of South African companies attributed weaknesses in their IT security strategy to the careless actions of employees. And if we consider that phishing attacks more than doubled in 2018 to reach almost 500 million, according to Kaspersky research, then I believe it is fair to say that human error will likely remain a key threat in opening companies up to such attacks. In fact, the human factor played a major role in making businesses worldwide vulnerable to the recent WannaCry ransomware epidemic."
When asked about cybersecurity in the African market in general Badenhorst said that as the digital world grows and continues to innovate, he expects to see more sophisticated antics by cybercriminals.
"We expect to see more attacks on supply chains and in the financial services industry, as well as more cyber-espionage attacks -- which can cause massive damage to business and nation-states," he said. "We also expect to see more direct attacks on users and cloud services as the cloud continues to evolve. And, of course, as the Internet of Things (IoT) becomes even more mainstream, we can expect cybercriminals to continue to focus on IoT related attacks.
"Africa is not immune to any type of cyber threat. Cybercriminals will and do target anyone and any region where they can gain and so businesses operating in Africa must be proactively prepared, to ensure protection against such cyber-related threats," Badenhorst concluded.
— Paula Gilbert, Editor, Connecting Africa