Africa’s ‘Mobile-First’ Status Makes Continent More Vulnerable to Malware Attack
Africa’s being the ‘mobile-first’ and often ‘mobile-only’ continent makes it more vulnerable as cyber-criminals target mobile devices.
Check Point, a software technologies company that compiles a quarterly analysis of the global Threat Index, urges individuals and organisations who run their businesses off mobile devices to apply the same level of security to mobile as required by traditional networks and PCs.
Check Point, a global pure-play network cyber-security vendor whose Threat Index provides a data-based breakdown of new and prevalent threats and the relative rankings of countries’ risk profiles globally, says the higher the ranking the greater the threat of cyber-attack.
At the end of the first quarter of 2016, Nigeria ranks as the 16th highest ranked country, moving up two places from 18th position in the preceding quarter. Developing and African nations are highly represented in the upper rankings of the index, and Nigeria was surpassed by a handful of other African countries, including Namibia and Malawi in second and fourth spots respectively. In stark contrast, Kenya improved their ranking by 24 places, moving from 45th position at the end of 2015, to 69th at the end of the quarter.
The Index is said to be based on threat intelligence drawn from Check Point’s ThreatCloud World Cyber Threat Map which tracks how and where cyber-attacks are taking place worldwide in real time.
Rick Rogers, Area Manager for East and West Africa at Check Point Software Technologies, says Nigeria’s worsening ranking may be due to a dramatic increase in threats targeting mobile devices specifically, while Kenya’s improvement could reflect a growing maturity in security awareness. “It’s not immediately clear why the East and West African hubs are experiencing such different moves in terms of cyber-attacks, and we are generally seeing a lot of volatility month to month for many of the countries on the index. But this quarter, mobile malware ranked as one of the ten most prevalent attack types affecting corporate networks and devices for the first time ever.”
“With Africa being the ‘mobile-first’ and often ‘mobile-only’ continent, this new wave of threats is likely to have a strong impact on the number of attacks evidenced in the region. Individuals who run their businesses off mobile devices, as well as organisations who have a bring-your-own-device policy, will need to prepare for this in their security strategy. It is necessary to apply the same level of security to mobile as required by traditional networks and PCs, and security professionals must have a coherent, over-arching threat management approach that addresses this.”
The previously-unknown HummingBad agent was a large contributor to the new top ten positioning of mobile threats. Discovered by Check Point in February 2016, HummingBad immediately became the seventh most common malware detected targeting corporate networks and devices, and in March it moved up to the sixth top spot. Hummingbad targets Android devices specifically, facilitating malicious activity such as installing a key-loggers, stealing credentials and bypassing encrypted email containers used by companies, allowing for interception of corporate data. It was the third highest threat in Kenya in Q1 and seventh in Nigeria.
Check Point identified more than 1,500 different malware families during January; 1,400 in February and 1,300 in March. Throughout the quarter, the Conficker (machines infected by Conficker are controlled by a botnet. It also disables security services, leaving computers even more vulnerable to other infections) and Sality (Virus that allows remote operations and downloads of additional malware to infected systems by its operator. Its main goal is to persist in a system and provide means for remote control and installing further malware) families were two of the most commonly used malware variants in the quarter, with Sality ranking first in both Nigeria and Kenya. In mobile devices specifically, Hummingbad ended the quarter as the top threat globally.
The decrease in the variety of malware families reflects a concentration trend, rather than a decrease in absolute volume of threats, and is perhaps an indicator of the sophistication of the threat environment: cyber criminals do not need to develop entirely new malware; rather it is often sufficient to make small changes to existing families to circumvent security.