Connecting Africa is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Business of Tech

The biggest cyber risks in MEA – IBM Security

Article Image
Backdoor deployments were the most used cyberattack tactic by cybercriminals in the Middle East and Africa (MEA) region in 2022.

This according to IBM Security's 2023 X-Force Threat Intelligence Index, showing that the deployment of backdoors – which allow remote access to systems – were detected in 27% of cases X-Force responded to last year.

The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data which sells for less than $10 per card.

The finance and insurance industries were the most targeted in 2022, accounting for 44% of incidents and down slightly from 2021 at 48%. Professional, business and consumer services accounted for 22% of attacks, with manufacturing and energy tying for third place at 11%.

Ransomware remains popular

According to the report, ransomware attacks held steady at 18% of incidents in MEA. Globally, however, defenders were more successful detecting and preventing ransomware.

Despite this, attackers continued to innovate, with the report showing that globally the average time to complete a ransomware attack dropped from two months to under four days.

Worms tied with ransomware as the second-most common attack type in the MEA region in 2022, at 18%.

The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of data points from network and endpoint devices, incident response engagements and other sources.

IBM Security found that ransomware attacks made up 18% of incidents in MEA, and globally the average time to complete a ransomware attack dropped from two months to under four days.  (Source: IBM Security)
IBM Security found that ransomware attacks made up 18% of incidents in MEA, and globally the average time to complete a ransomware attack dropped from two months to under four days.
(Source: IBM Security)

"Proactively managing security risks and evolving cybercrime tactics is a critical priority for organizations across MEA. The X-Force Threat Intelligence Index findings demonstrate the continued threat of ransomware and the increasing use of thread hijacking tactics," said Frida Kleimert Knibbs, security leader at IBM MEA.

"To safeguard against these threats, it's imperative that companies remain vigilant and focus on effective incident response planning. As the security landscape evolves, it is crucial to prioritize threat intelligence and strengthen defenses," she added.

Extortion extends reach

IBM Security found that the most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Extortion and financial loss each accounted for half of identified impacts in incidents across the MEA region in 2021.

Globally, extortion was the most common impact in 28% of cases, with data theft, credential harvesting and data leaks at 17% each. X-Force responded to 47% of cases in Europe, 33% in North America, 10% in Asia-Pacific, 7% in the Middle East and Africa and 3% in Latin America.

Manufacturing was the most extorted industry globally in 2022, and it was again the most attacked industry for the second consecutive year.

"Manufacturing organizations are an attractive target for extortion, given the extremely low tolerance for down time," IBM said.

Global cybercrime trends

Globally, thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% globally compared to 2021 data.

Over the year, attackers used this tactic to deliver Emotet, Qakbot and IcedID, malicious software that often results in ransomware infections.

There were some declines, with the proportion of known exploits relative to vulnerabilities falling 10% globally between 2018 and 2022, due to the fact that the number of vulnerabilities hit another all-time high.

The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.

The number of cybercriminals targeting credit card information in phishing kits also dropped 52% globally in one year, indicating that attackers are prioritizing personally identifiable information such as names, emails, and home addresses, which can be sold for a higher price on the dark web or used to conduct further operations, IBM said.

Related posts:

*Top image source: Image by standret on Freepik.

— Paula Gilbert, Editor, Connecting Africa

Innovation hub


Five mobility startups to watch in 2024

Connecting Africa has compiled a list of five mobility startups that are making a difference in the communities they serve.


Orange Ventures, Digital Africa promise more funding for startups

Orange Ventures and Digital Africa are teaming up to invest more in tech startups in Africa and the Middle East through Digital Africa's Fuz program and the Orange Digital Center network.

More Innovation hub

Latest video

More videos

Partner perspectives

All Partner Perspectives

Sponsored video

More videos

Follow us on X

Industry announcements

More Industry announcements

Upcoming events

Africa Tech Festival 2024
November 11-14, 2024
Cape Town, South Africa
More Upcoming events

Africa Tech Perspectives


Uber's Marjorie Saint-Lot on inclusion and sustainability in Africa

Uber's Country Manager for Ghana and Cote d'Ivoire, Marjorie Saint-Lot, shares how the ride-hailing company is approaching public-private partnerships, environmentally friendly initiatives and gender inclusion in Africa.


The 100 most influential African leaders in 2023

A new report from Africa Tech Festival and Connecting Africa puts a spotlight on the top 100 African leaders in the telecoms and technology sector in 2023.


Deep dive into East Africa's tech startup ecosystem

New survey reveals a lack of access to investors, reliance on international VCs and global recession trends as the biggest barriers for East African tech startups to access funds.

More Africa Tech perspectives

Guest Perspectives


How e-mobility could transform Africa's transport sector

By Francis Hook

ICT analyst Francis Hook delves into Africa's e-mobility sector and unpacks the challenges faced locally and the benefits the move to electric vehicles could bring to urban transport systems.


Omdia View: April 2024

By Omdia Analysts

April 2024's telecoms highlights in the Middle East and Africa included a license for Starlink in Ghana, new mobile termination rates in Ethiopia, and 6G trials in Bahrain – that and more in the latest Omdia View.

More Guest Perspectives

Like us on Facebook

Newsletter Sign Up

Sign Up
Tag id test-002