Connecting Africa is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 3099067.

Business of Tech

The biggest cyber risks in MEA – IBM Security

Article Image
Backdoor deployments were the most used cyberattack tactic by cybercriminals in the Middle East and Africa (MEA) region in 2022.

This according to IBM Security's 2023 X-Force Threat Intelligence Index, showing that the deployment of backdoors – which allow remote access to systems – were detected in 27% of cases X-Force responded to last year.

The uptick in backdoor deployments can be partially attributed to their high market value. X-Force observed threat actors selling existing backdoor access for as much as $10,000, compared to stolen credit card data which sells for less than $10 per card.

The finance and insurance industries were the most targeted in 2022, accounting for 44% of incidents and down slightly from 2021 at 48%. Professional, business and consumer services accounted for 22% of attacks, with manufacturing and energy tying for third place at 11%.

Ransomware remains popular

According to the report, ransomware attacks held steady at 18% of incidents in MEA. Globally, however, defenders were more successful detecting and preventing ransomware.

Despite this, attackers continued to innovate, with the report showing that globally the average time to complete a ransomware attack dropped from two months to under four days.

Worms tied with ransomware as the second-most common attack type in the MEA region in 2022, at 18%.

The IBM Security X-Force Threat Intelligence Index tracks new and existing trends and attack patterns – pulling from billions of data points from network and endpoint devices, incident response engagements and other sources.

IBM Security found that ransomware attacks made up 18% of incidents in MEA, and globally the average time to complete a ransomware attack dropped from two months to under four days.  (Source: IBM Security)
IBM Security found that ransomware attacks made up 18% of incidents in MEA, and globally the average time to complete a ransomware attack dropped from two months to under four days.
(Source: IBM Security)

"Proactively managing security risks and evolving cybercrime tactics is a critical priority for organizations across MEA. The X-Force Threat Intelligence Index findings demonstrate the continued threat of ransomware and the increasing use of thread hijacking tactics," said Frida Kleimert Knibbs, security leader at IBM MEA.

"To safeguard against these threats, it's imperative that companies remain vigilant and focus on effective incident response planning. As the security landscape evolves, it is crucial to prioritize threat intelligence and strengthen defenses," she added.

Extortion extends reach

IBM Security found that the most common impact from cyberattacks in 2022 was extortion, which was primarily achieved through ransomware or business email compromise attacks. Extortion and financial loss each accounted for half of identified impacts in incidents across the MEA region in 2021.

Globally, extortion was the most common impact in 28% of cases, with data theft, credential harvesting and data leaks at 17% each. X-Force responded to 47% of cases in Europe, 33% in North America, 10% in Asia-Pacific, 7% in the Middle East and Africa and 3% in Latin America.

Manufacturing was the most extorted industry globally in 2022, and it was again the most attacked industry for the second consecutive year.

"Manufacturing organizations are an attractive target for extortion, given the extremely low tolerance for down time," IBM said.

Global cybercrime trends

Globally, thread hijacking saw a significant rise in 2022, with attackers using compromised email accounts to reply within ongoing conversations posing as the original participant. X-Force observed the rate of monthly attempts increase by 100% globally compared to 2021 data.

Over the year, attackers used this tactic to deliver Emotet, Qakbot and IcedID, malicious software that often results in ransomware infections.

There were some declines, with the proportion of known exploits relative to vulnerabilities falling 10% globally between 2018 and 2022, due to the fact that the number of vulnerabilities hit another all-time high.

The findings indicate that legacy exploits enabled older malware infections such as WannaCry and Conficker to continue to exist and spread.

The number of cybercriminals targeting credit card information in phishing kits also dropped 52% globally in one year, indicating that attackers are prioritizing personally identifiable information such as names, emails, and home addresses, which can be sold for a higher price on the dark web or used to conduct further operations, IBM said.

Related posts:

*Top image source: Image by standret on Freepik.

— Paula Gilbert, Editor, Connecting Africa

Innovation hub


MTN tackles SA power woes with wind & solar hybrid project

MTN South Africa has launched an integrated wind and solar renewable energy generation project as part of its Net Zero efforts.


Interview: Qualcomm execs on mentorship for African startups

Qualcomm Technology VP for Engineering, Sudeepto Roy, and Elizabeth Migwalla, VP for Government Affairs, join Connecting Africa for a video interview about Qualcomm's Make in Africa Mentorship Program.

More Innovation hub

Latest video

More videos

Sponsored video

More videos

Industry announcements

More Industry announcements

Flash poll

All polls

Africa Tech Perspectives


Deep dive into East Africa's tech startup ecosystem

New survey reveals a lack of access to investors, reliance on international VCs and global recession trends as the biggest barriers for East African tech startups to access funds.


Challenges and opportunities for women's tech careers

A new survey reveals that COVID-19, the cost-of-living crisis, skills shortages and a lack of mentorship have negatively affected women's career development over the past two years.


Survey: Opportunities for Women in Tech

Take our new survey for women across Asia, Europe and Africa looking at the biggest challenges and opportunities for women-led enterprises and trends in tech careers for women.

More AfricaCom perspectives

Upcoming events

London Tech Week
June 13-16, 2023
Queen Elizabeth II Centre, Broad Sanctuary, London SW1P 3EE
Cybertech Africa 2023
August 1-2, 2023
Kigali Convention Center, Kigali, Rwanda
Africa Tech Festival, Home of AfricaCom and AfricaTech
November 13-16, 2023
CTICC, Cape Town
More Upcoming events

Guest Perspectives


Omdia View: February 2023

By Omdia Analysts

In February 2023 key events in the Middle East and Africa included a major Internet project for Africa's underserved by Liquid Intelligent Technologies and Microsoft as well as a 5G launch in Tanzania – that and more in this month's Omdia View.


Omdia View: July 2022

By Omdia Analysts

Kenya and Zambia move towards 5G with new spectrum allocations while Tunisie Telecom plans to shut down its 3G network - that and more in this month's Omdia View.

More Guest Perspectives

Partner perspectives

All Partner Perspectives

Like us on Facebook

Newsletter Sign Up

Sign Up