A 2019 cybersecurity report by KnowBe4 found that Africa is increasingly vulnerable to cyber-attacks. The report highlighted how vulnerable users were when it came to recognising cyber-threats and managing their risk profiles.
In 2020, Accenture released a report entitled ‘Insight into the Cyberthreat Landscape in South Africa’ that revealed that there are around 577 attempted malware attacks every hour. Cybercrime has turned towards Africa and is putting its people and organisations at risk.
“With cybercrime shifting its attention towards emerging economies and with Africa’s internet penetration about to double to one billion internet users by 2022, the African continent has become an attractive target for cybercrime,” says Anna Collard, Managing Director of KnowBe4 Africa. “A lot of these users will be connecting for the first time and will have very little awareness of the risks.”
And the risks are extensive. The Accenture report pointed out that in 2019, many of the attacks were successful, particularly against well-known organisations and service utilities. This draws a picture of a worrying trend that can fundamentally affect the lives and livelihoods of people on the continent.
“Sub-Saharan Africa is the region with the most financial transactions happening via mobile devices,” says Collard. “This is another reason why crime is paying attention. If users aren’t aware of the risks or don’t realise that their mobile devices put them at risk, then they are open to fraud and attack.”
Many people still think that mobile devices aren’t vulnerable to attack. They don’t realise that fake links, phishing emails, scams and malware are as easily perpetrated on a mobile device as they are on a PC. In fact, many cybercriminals use fake links and phishing messages to catch people who are unaware on WhatsApp or SMS. People are often more inclined to believe that a SMS or WhatsApp message is real and are lured into handing over important personal information using these channels.
“The problem is that many people can’t protect themselves because they don’t realise the extent of the threat or how to identify it,” says Collard. “They think they can – our survey found that around 55% of respondents believed they could identify a security threat and yet they gave away personal information or fell prey to scams. There is a desperate need for more education around cybercrime, how to identify it, and the methods that scammers use.”
The continent is lagging on security legislation and education, and is lacking security professionals who can support both business and government in refining their security postures and approaches.
“The high degree of digitisation, combined with the increase in mobile malware and sophistication of social engineering attacks makes people more vulnerable than ever,” says Collard.
Training is essential in minimising risk. If people understand the processes and methods used by cybercriminals, they are more likely to identify them and to avoid making unnecessary mistakes.
“Training will help people to identify potential risks and be more alert before they commit to sharing information or clicking on images or links,” says Collard. “This can help Africa and its people push back against the rising tide of cybercrime and protect themselves and their personal information.