Kenya hit by highest number of cyber-attacks in Africa

Kenya is increasingly becoming the soft target for cyber-attacks in Africa, with a new report saying the country was hit hardest on the continent in the first seven months of 2020.

Kenyans, says  the survey by cybersecurity firm Kaspersky, suffered malware attacks – about 14 million, and 41 million potentially unwanted programs, that comprises pornware and adware.

The cases mean Kenya accounted for half of the attacks carried out in Africa where a total of 28 million malware attacks in 2020 occurred and 102 million potentially unwanted programs (PUA) detected.

Kaspersky, noted that PUAs are programs that are usually not considered to be malicious by themselves, but influence user experience in a negative way. One example is adware that bombards user device with ads; aggressive monetising software propagates unrequested paid offers; downloaders may download even more various applications on the device, sometimes malicious ones.

PUAs are known to attack users almost four times more often than traditional malware, and they ultimately reach more targets. In South Africa, the malware would attack 415,000 users in seven months of 2020, while the PUAs were 736,000. 

In South Africa, there were almost 10 million malware attacks and a staggering 43 million PUAs. Nigeria experienced 3.8 million malware attacks and 16.8 million PUA detections – which is four times as the malware attack.

Denis Parinov, a security researcher at Kaspersky, said the popularity of ‘grey zone’ software is rising because they are initially hard to detect.

“Even if the program is detected, its creators won’t be considered to be cybercriminals. The problem with them is that users are not always aware they consented to the installation of such programs on their device and that in some cases, such programs are exploited or used as a disguise for malware downloads,” he said.

This comes after reports by Upstream showed that thousands of low cost devices made by Tecno came infected with pre-installed malware.  The firm showed that over 19.2 million suspicious transactions were recorded from more than 200,000 devices.

This particular threat, noted Geoffrey Cleaves, Head of Secure-D at Upstream, takes advantage of those most vulnerable.

“The fact that the malware arrives pre-installed on handsets that are bought in their millions by typically low-income households tells you everything you need to know about what the industry is currently up against,” he said.

Kaspersky data in July indicated that three in every 10 devices are at risk of undeletable apps in their phones that make them easy target for malicious software.

The Interpol Cybercrime Covid-19 Impact shows that globally, phishing is the number one problem, followed by malware and ransomware, malicious domains and fake news. The report further indicated that the Covid-19 related attacks were mainly social engineering attacks.