TRENDING
Issam El Haddaoui , Head of Security Sales Engineering for Africa , Check Point Software
In June 2024 , the top malware families impacting Africa included :
• Phorpiex : Known for orchestrating large-scale spam campaigns , Phorpiex has been particularly active in Zimbabwe , Nigeria , and Mozambique .
• Allcome Clipper : This malware targets cryptocurrencies , hijacking clipboard data for outgoing transactions , leading to financial losses and identity theft .
• Expiro : A polymorphic file infector that steals user and system information , compromising data integrity across Zimbabwe and Nigeria .
• Qbot : A multifunctional malware that facilitates credential theft , ransomware delivery , and backdoor access , posing significant risks to organisations in Zimbabwe and South Africa .
• FakeUpdates , SocGholish : This downloader malware leads to further infections by deploying additional malware strains , including ransomware , across South Africa and Nigeria .
The most common vulnerability exploit type in South Africa is Information Disclosure , impacting 76 % of the organisations . Weekly impacted organisations by malware types show that botnets pose the highest threat , followed by ransomware and mobile malware .
South Africa ’ s healthcare sector is facing an urgent cybersecurity crisis amid the implementation of the National Health Insurance , NHI scheme . In South Africa , the advancement of ransomware has seen a significant increase in attacks that exploit zero-day vulnerabilities . The year 2023 saw a 90 % increase in ransomware incidents compared to the previous year .
The healthcare sector ’ s efforts to improve efficiency and cost savings through digital transformation mean the sector ’ s attack surface is expanding , with a noticeable increase in attacks on routers , VPN hardware , and other edge devices .
The top attacked industries in Africa :
• Government and military : Government agencies and military institutions are high-value targets , requiring robust defence mechanisms to safeguard national security interests .
• Finance and banking : Financial institutions face persistent threats , jeopardising sensitive data and critical operations .
• Utilities : The utilities sector is increasingly vulnerable , with attacks potentially disrupting essential services .
• Communications : The communications industry remains a key target for cyber adversaries , threatening infrastructure and data .
• Education and research : Educational institutions and research organisations continue to be targeted , risking the loss of sensitive information .
The healthcare sector is vulnerable to ransomware attacks for several reasons :
Sensitive data
Healthcare providers store vast amounts of sensitive personal and medical data , making them prime targets for cybercriminals .
Critical systems
Medical facilities rely on continuous access to digital systems for patient care , diagnostics , and treatment , meaning any disruption can have immediate and severe consequences .
Outdated infrastructure
According to Check Point Threat Intelligence report , organisations in South Africa are attacked on average 1,175 times per week over the last six months . The top malware threats include FakeUpdates , Botnets , AsyncRat , a Remote Access Trojan , Formbook , an Infostealer , and various Downloaders . Notably , 84 % of the malicious files in South Africa were delivered via the web in the last 30 days .
Many healthcare organisations use outdated IT infrastructure and software , which may lack the necessary security features to fend off sophisticated cyberattacks .
Financial pressure
Given the potential risk to patient safety and the urgency of restoring systems , healthcare organisations may feel pressured to pay ransoms quickly .
Organisations in South Africa are attacked on average 1,175 times per week over the last six months .
“ No matter the direction the country ’ s healthcare policies are taken , the reliance on digitisation and technology will be vital in the roll out of universal healthcare services , making cybersecurity readiness a top priority ,” says Check Point ’ s Workspace Solutions Architect , Shayimamba Conco . p
20 INTELLIGENTCIO AFRICA www . intelligentcio . com