Man
Professional
- Messages
- 3,006
- Reaction score
- 531
- Points
- 113
More than half of cyberattacks in Africa are in the public sector and finance.
Positive Technologies conducted a study that analyzed cyber threats affecting African countries in 2023–2024. Experts noted a significant increase in the number of attacks on the public sector and financial companies, which have become the main targets of organized criminal groups seeking financial gain and espionage, as well as hacktivists. On the dark web, it was found that more than half of the databases related to the region are distributed free of charge, and access to networks of African companies can be purchased for $2,970.
Data analysis showed that the share of attacks on government and financial institutions among all incidents is 29% and 22%, respectively. Shadow forums also confirmed that these areas are particularly attractive to cybercriminals, with ads mentioning government agencies and the financial sector accounting for 19% and 13% of all posts on such platforms.
According to Positive Technologies analysts, the share of attacks on the public sector in Africa has more than doubled compared to the previous period. Attacks on government institutions in the region are most often carried out by APT groups focused on cyberespionage (46%), as well as hacktivists (18%). The most interesting for attackers are government organizations in Nigeria (27%), Algeria (17%), Ethiopia (12%) and South Africa (12%). An increase in the number of attacks is also observed in the financial sector: the share of successful incidents increased from 18% to 22%. Publications on shadow forums related to the African public sector are mainly aimed at the free distribution of data (66%), while those related to finance are aimed at selling information and access (64%).
Industry has become the target of one in ten successful cyberattacks on African organizations, in most cases attackers have tried to disrupt production processes or steal sensitive data. A similar share — 10% of attacks — were incidents in the telecommunications industry, where criminals were attracted by large amounts of personal data and information about user payments.
The main targets of attacks in the African region were computers, servers, and network equipment (65%), which indicates a low level of infrastructure security and vulnerabilities in the network perimeter. At the same time, the share of attacks on web resources increased from 15% to 27%, and half of these attacks were DDoS attacks.
The most popular method of cyberattacks in the study period was the use of malware: it was used in 43% of attacks on organizations and 53% of cases of personal data hacking. Almost a third of all successful attacks on companies were accompanied by the use of ransomware, and in every fourth case, spyware. Exploitation of software vulnerabilities also accounted for a significant share — 18% of all attacks on organizations.
In successful cyberattacks, attackers primarily gained access to confidential information — such data was obtained in 61% of attacks on organizations and 53% of attacks on individuals.
According to open sources, the highest level of cyberattacks in Africa was recorded in South Africa (22%) and Egypt (13%). An analysis of shadow forums showed that South Africa (25%), Nigeria (18%) and Algeria (13%) stand out among the countries under discussion. Databases make up 61% of the information available on the dark web, of which 64% are distributed free of charge. In addition, access to the networks of large African companies is actively sold on shadow platforms, and such publications account for 38% of all messages, and 74% of them offer the sale of access at an average price of 2970 US dollars.
The study covers the period from the first quarter of 2023 to the third quarter of 2024.
Source
Positive Technologies conducted a study that analyzed cyber threats affecting African countries in 2023–2024. Experts noted a significant increase in the number of attacks on the public sector and financial companies, which have become the main targets of organized criminal groups seeking financial gain and espionage, as well as hacktivists. On the dark web, it was found that more than half of the databases related to the region are distributed free of charge, and access to networks of African companies can be purchased for $2,970.
Data analysis showed that the share of attacks on government and financial institutions among all incidents is 29% and 22%, respectively. Shadow forums also confirmed that these areas are particularly attractive to cybercriminals, with ads mentioning government agencies and the financial sector accounting for 19% and 13% of all posts on such platforms.
According to Positive Technologies analysts, the share of attacks on the public sector in Africa has more than doubled compared to the previous period. Attacks on government institutions in the region are most often carried out by APT groups focused on cyberespionage (46%), as well as hacktivists (18%). The most interesting for attackers are government organizations in Nigeria (27%), Algeria (17%), Ethiopia (12%) and South Africa (12%). An increase in the number of attacks is also observed in the financial sector: the share of successful incidents increased from 18% to 22%. Publications on shadow forums related to the African public sector are mainly aimed at the free distribution of data (66%), while those related to finance are aimed at selling information and access (64%).
Industry has become the target of one in ten successful cyberattacks on African organizations, in most cases attackers have tried to disrupt production processes or steal sensitive data. A similar share — 10% of attacks — were incidents in the telecommunications industry, where criminals were attracted by large amounts of personal data and information about user payments.
The main targets of attacks in the African region were computers, servers, and network equipment (65%), which indicates a low level of infrastructure security and vulnerabilities in the network perimeter. At the same time, the share of attacks on web resources increased from 15% to 27%, and half of these attacks were DDoS attacks.
The most popular method of cyberattacks in the study period was the use of malware: it was used in 43% of attacks on organizations and 53% of cases of personal data hacking. Almost a third of all successful attacks on companies were accompanied by the use of ransomware, and in every fourth case, spyware. Exploitation of software vulnerabilities also accounted for a significant share — 18% of all attacks on organizations.
In successful cyberattacks, attackers primarily gained access to confidential information — such data was obtained in 61% of attacks on organizations and 53% of attacks on individuals.
According to open sources, the highest level of cyberattacks in Africa was recorded in South Africa (22%) and Egypt (13%). An analysis of shadow forums showed that South Africa (25%), Nigeria (18%) and Algeria (13%) stand out among the countries under discussion. Databases make up 61% of the information available on the dark web, of which 64% are distributed free of charge. In addition, access to the networks of large African companies is actively sold on shadow platforms, and such publications account for 38% of all messages, and 74% of them offer the sale of access at an average price of 2970 US dollars.
The study covers the period from the first quarter of 2023 to the third quarter of 2024.
Source
