Cyberattacks against government and education institutions are increasing in Nigeria, Africa, and the Middle East, according to a new report by Check Point® Software Technologies Ltd.
The report, which covers the global threat landscape for October 2023, reveals that hackers are using sophisticated Remote Access Trojans (RATs) to infiltrate and compromise their targets.
The report ranks Mauritius, Nigeria, Morocco, and Kenya among the top 25 countries in the world that are most affected by cyber threats.
South Africa follows at the 55th position. The report also shows that the education sector is the most targeted by cyberattacks, followed by communications, ISP/MSP, finance and banking, and government and military.
One of the main drivers of the cyber threat escalation in Africa and the Middle East is the widespread use of AgentTesla, a RAT that can steal credentials, capture screenshots, log keystrokes, and execute malicious files.
The report states that AgentTesla is distributed through a complex mal-spam campaign that uses corrupted email attachments to trick users into opening them.
Rudi van Rooyen, the Sales Engineer at Check Point Software, warned that hackers are exploiting the increased online activity during the busy shopping season in November. He advised users to stay alert and avoid clicking on suspicious links or attachments. He also said that no region, including Africa, is immune to these threats.
The report identifies Formbook, NJRat, and Remcos as the most prevalent malware types in October 2023. Formbook is an Infostealer that targets Windows OS and harvests credentials from various web browsers. It has a significant impact in Kenya and Nigeria, where it affects 16.9 percent and 9.2 percent of organisations respectively.
NJRat is a RAT that mainly targets government agencies and organisations in the Middle East, but is also growing in Africa. Remcos is another RAT that spreads through malicious Microsoft Office documents attached to SPAM emails. It can bypass Windows security and execute malware with high-level privileges. However, its presence in Africa is not very significant.
The report also highlights some recent cyber incidents that have affected Nigeria and other African countries.
For example, Anonymous Sudan, a hacktivist group, attempted to shut down MTN Nigeria’s network, to protest Nigeria’s stance on the coup in the Republic of Niger.
Also, the National Information Technology Development Agency in Nigeria issued a warning that it had detected hacking activities targeting government digital services.
The report concludes that the cyber threat landscape in Africa and the Middle East is evolving and becoming more complex. It urges users and organisations to adopt proactive and comprehensive security measures to protect their data and systems from cyberattacks.