Cyberextortion remains an ongoing threat in sub-Saharan Africa with data leaks and targeted attacks, the latest KnowBe4 report from IDC Impact of Cyberextortion on Africa.
The study showed a complex cybercrime landscape in sub-Saharan Africa (SSA) with data leaks, insider threats, malicious emails and targeted attacks that continue to seriously affect business security in the region, of which Angola is a part.
These threats are compounded by budget constraints and that nearly 60% of SSA organizations plan to increase IoT connectivity and use cases in the next 12 months. Growing investments in cloud, Internet of Things (IoT), connectivity and digital solutions increase risks alongside digital benefits.
According to research, the volume of threats faced by organizations in Africa has grown exponentially in recent years and there is a clearly visible linear relationship between the Gross Domestic Product (GDP) and cybercrime on the continent – as one increases, so does the other, but only around a third (17) of 54 African countries have completed a national cybersecurity strategy, where this opens up the threat landscape considerably and puts organizations at greater risk.
The top threats facing organizations in SSA in 2022 are data leakage (61%), internal threats (43%); targeted attacks using phishing (37%); cloud related attacks (34%); and ransomware attacks (30%).
The top five global threats are business email compromise, cloud misconfigurations, software supply chain attacks, and non-compliance.
BUT: Google registers the biggest DDoS attack in the history of the Internet
Phishing ou social engineering attacks remain the second most common type of cybercrime and are evolving in terms of technique and success rates.
These challenges are influencing the security strategy for organizations going forward, with 43% focusing on security for cloud migration, 40% on strengthening assured access for a distributed workforce, and 36% focused on strengthening customer trust in digital services.
According to the report, 56% of organizations in SSA are in the first two stages of data security maturity, meaning that many are still struggling to find their security in this changing landscape.
Cyber exploitation has been very lucrative in recent times where cybercriminals do not expect much retaliation from African states. This means it is unlikely to stop and will very likely become even more prevalent on the continent.
Therefore, advises KnowBe4, organizations have to focus on investments and security strategies that allow combating this threat with more agility and resilience. That means prioritizing a defense-in-depth model with cloud security; privacy and compliance; choose the right security service providers and build a culture of security among decision makers and employees.
