Corporate cyber attacks in East Africa on the rise

Written By: Margaret Kalekye

Insider cyber threats are largely attributed to malicious employees and contractors.

The number of insider-related cyber security incidents in East Africa has increased by 55 per cent in the last three months.

KBC Radio_KICD Timetable

This is even as most companies lacking active monitoring of their IT infrastructure transitioned to remote work occasioned by the COVID-19 pandemic.

According to Dimension Data, the sudden spike has resulted from attackers taking advantage of publicly available weak systems and most security controls designed to monitor and capture activities as more employees remotely connect to company resources from mobile devices and external networks.

The Financial Services Industry (FSI) remains the most targeted sector because of the immediate monetary gain.

Get breaking news on your Mobile as-it-happens. SMS ‘NEWS’ to 20153

Speaking during the launch of Dimension Data Intelligent Security business in East Africa, the unit’s Head – Ishmael Muli said insider threats are largely attributed to malicious employees and contractors.

Statistics from the company’s Threat Intelligence Centre shows that most incidences in the region originate from employee negligence and other close associates ignoring corporate cybersecurity policies, misuse of data, and installation of unauthorized applications among others.

Dimension Data’s Intelligent Security unites all the capabilities and security offerings previously managed by its subsidiary brands Dimension Data East Africa and Internet Solutions into one business and will offer world-class solutions from global partner NTT Ltd. whilst developing locally relevant solutions tailored for protecting organizations in East Africa.

“Across East Africa, we are seeing insiders take advantage of organizations that lack visibility or the ability to investigate successful cyberattacks due to limited access controls to detect unusual activity once someone breaches their network. Some of these attacks involve manipulation of transactional data, tampering of logs to limit tracing, as well as framing legitimate users – all of which make forensic investigations difficult,” Muli said.

“Cybersecurity plays a critical role for any business within emerging markets like Kenya. We’ve built Dimension Data Intelligent Security to ensure that we offer world-class solutions to our clients while making sure they suit the unique needs of our clients operating within these markets. Further to this, we plan to focus on local skills development specifically in the threat intelligence space,” he added.

Current attacks within East Africa are being linked to hackers employing smarter methods to distribute their server networks and occasionally purchasing command and control systems in other countries, with traffic being routed through myriad systems making it difficult to trace its origin.

Malware attacks

According to the Communication Authority (CA) Annual Report 2018/2019, malware attacks were the most prevalent threats accounting for approximately 78 per cent of all cyber threat detections.

Web application attacks and botnet/denial of service threats accounted for approximately 11% and 9% per cent respectively of detected cyber threats.

The first half of the year has also seen an increase in reconnaissance attacks accounting for 40 per cent of all observations in the Middle East and Africa (MEA) region according to NTT Ltd. Global Threat Intelligence Report 2020.

A rise in Web Application attacks on common Content Management Systems (CMS) such as Joomla and WordPress accounted for over 20 per cent of observed attacks.

While service-specific attacks increased by 40 per cent targeting known vulnerabilities that may have remained largely unaddressed by various organizations.

The current COVID-19 crisis has seen an upsurge use of technology as many companies adopt work from home and bring your own device policies, increasing organizational risk as cybersecurity etiquette shifts to end-users. As a result, the most prevalent attacks include phishing and social engineering.

Muli is advising organizations to invest in threat intelligence services to gain regular visibility of what is happening in their internal networks – to automatically detect and remediate stealthy attacks that would otherwise be missed.

He urged organizations to conduct insider risk assessments on their critical business functions that could be leveraged by Insiders for fraud.


Tell Us What You Think