Home » Kenyan Companies Warned by Cybersecurity Firm Kaspersky
News Tech

Kenyan Companies Warned by Cybersecurity Firm Kaspersky

Kenyan Companies Warned by Cybersecurity Firm Kaspersky
According to Cybersecurity firm, Kaspersky, Kenyan Companies are now targeted by Hackers-for-hire or cyber mercenaries who do not necessarily have monetary motivations like traditional cybercrime.
Kaspersky has alarmed Kenyan companies that they will be targets of hired hackers seeking to steal vital information and sell them to rivals.

It has been reported that the hackers if they successfully break into the systems, they steal private data to monetise it in a different way – usually for the purpose of providing advice or insights, based on the data, to share value of the competitive advantage.

For example, a bank might get targeted and have its data analysed to gain an understanding of its market exposure, clients, and back-end systems. A competitor can use that to gain significant benefit. The reality is that in this evolving cyberthreat landscape, no company or government institution can consider themselves safe.

Kaspersky has noted the rise of a new technique in Africa, where hackers or cyber mercenaries are hired to carry out attacks and steal sensitive information from companies and individuals.
“The region may become a focus of these groups in the coming months and thus, businesses and entities need to have an understanding of these emerging threats, along with the threat of APTs, to be prepared and take proactive steps towards effective cybersecurity,” warns the firm.

The top industries under attack in Sub-Saharan Africa in H1 2020 include government, education, healthcare, and military. While government and military present compelling – and obvious – targets, education and healthcare are often used as pivot points to gain access to other institutions. Sometimes, an entity is a victim while other times it is the target.

The top three threat actors in these regions in this regard are TransparentTribe, Oilrig, and MuddyWater.

“The remainder of the year will likely see APT groups and hacking-for-hire threat actors increase in prominence across the globe. Africa will continue to see more sophisticated APTs emerge and we also suspect that the hacking-for-hire actor type could target companies in Africa in the future. We also anticipate that cybercriminals will increase targeted ransomware deployment using different ways. These can range from trojanised cracked software to exploitation across the supply chain of the targeted industry. Data breaches will certainly become more commonplace especially as people will continue to work remotely for the foreseeable future while exposing their systems to the Internet without adequate protection,” says Maher Yamout, Senior Security Research, Global Research & Analysis Team at Kaspersky

In South Africa, Kenya and Nigeria, APT groups are exploiting the current uncertainty around COVID-19 to steal sensitive information. 

kaspersky
State-sponsored hackers on the rise
So far Kenya has witnessed a 26 percent reduction in malware attacks in the first half of the year but uncertainties brought by COVID-19 are likely to exacerbate the attacks in the second half of the year.
“Human cyber threat remains rife, where Africa is not immune to the evolving techniques of Advanced Persistent Threats (APTs), as well as the possibilities of being a future target of hacking-for-hire threat actor groups,” said Kaspersky.
Latest data from the Communications Authority indicated that between April and June this year, 13.9 million cyber threats were detected which is a 59.9 percent decrease from the 34.6-million cyber threat attempts detected in the January to March quarter.
The country lost an estimated Kshs 29.5 billion to cybercriminals as indicated in a report by Serianu indicate that in 2018. The government, education, healthcare, and military. are the top industries under attack in Sub-Saharan Africa in the first half of the year