January 20, 2023

SA has highest number of ransomware and email attacks in Africa

South Africa remains the most targeted African country in terms of ransomware and business email compromise. With a torrent of new cyber attacks, the last couple of years were the worst on record. More than half of South African firms were impacted by ransomware in the past year.

With digital adoption reshaping the African economy, new opportunities for cyber criminals are emerging with equal force. In recent years, the cybercrime threat landscape in Africa has focused primarily on the continent’s most digitised nations. Morocco and Kenya have also experienced high levels of cyber crime activity, alongside South Africa.

According to Interpol's African Cyber Threat Assessment Report, almost 220 million email threats were detected in South Africa in 2021. Since then, this figure has continued to rise, costing the country billions a year in losses.

2022 saw a flurry of ransomware attacks taking place across a wide range of industries in South Africa. In both public and private sectors, high profile ransomware attacks threatened critical infrastructure and enterprises. From supermarket chains to municipal service providers, South Africa has witnessed a massive increase in ransomware attacks in the last few years.

New types of cyber attacks in SA

Last quarter of 2022 saw an increase in new types of ransomware, including “Agenda” - an extremely damaging form of malware. Detected in Thailand, Indonesia, Saudi Arabia and South Africa, this new generation of malware has targeted healthcare and educational institutions.

Cybercrime groups using Agenda have demanded R13.6-million in ransom. Agenda works by overriding antivirus processes. This malware can change passwords, encrypt data and automatically log into systems with new credentials. This can lead to an entire network being infected with malware if it is not properly contained.

While Agenda lies on the extreme end of the scale, the average ransom payout by South African institutions is estimated to be around R3.2-million. The cost of ransomware attacks has a devastating effect on the economy. Businesses without adequate resources to detect, mitigate and respond to threats are particularly vulnerable to the effects.

Ransomware-as-a-service is a profitable business model, so cyber criminals are targeting countries like South Africa which lack appropriate cyber security. New types of ransomware and email-borne malware are affecting South African institutions.

So-called zero day threats are difficult to intercept and contain with traditional cyber security solutions. As cyber criminals become more inventive in their approach, IT teams need to look for flexible security solutions that can respond to new types of malware.

Protecting businesses from ransomware and email attacks

Looking ahead, email security continues to be front of mind for IT professionals. The vast majority are ransomware attacks happening through email phishing or business email compromise. Advanced social engineering tactics are used to bait unsuspecting victims into clicking on malicious links or revealing confidential data. Threat actors are finding new and inventive ways to infect networks, holding business systems hostage until ransom has been paid.

South African institutions and businesses looking to build up their resilience to cyber threats are upgrading their approach to digital security. Cyber security awareness training, combined with the right cyber security solutions, have become a necessary expense for both large and small businesses organisations. For more information or to get a quote for our cyber security solutions, email us at marketing@seacom.com or leave us a message.

SEACOM owns Africa’s most extensive network of information and communications technology (ICT) infrastructure, including subsea cables and secure internet connections. We offer a diverse range of flexible, scalable and high-quality solutions for businesses that meet world-class standards for connectivity.

SEACOM is privately owned and operated, making it agile and adaptable to the needs of the customer. This makes us the preferred ICT and internet connectivity partner for African businesses and peripheral service providers. We can guarantee high-speed, low-latency and secure internet connections to corporates and small enterprises.

For‌ ‌more‌ ‌information‌ ‌on‌ our internet and voice solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌insightful‌ ‌articles‌ and relevant news stories on African ICT, internet connectivity and our leading cloud and security solutions.

Need internet for your home? Our subsidiary, WonderNet, brings fast and cost-effective broadband internet to all Africans with a fibre-to-the-home offering.