Subscribe
About

Kaspersky lifts lid on META cyber threats

Simnikiwe Mzekandaba
By Simnikiwe Mzekandaba, IT in government editor
Johannesburg, 05 May 2023
Dr Amin Hasbini, head of Global Research and Analysis Team for Middle East and Africa at Kaspersky.
Dr Amin Hasbini, head of Global Research and Analysis Team for Middle East and Africa at Kaspersky.

South Africa, Nigeria and Kenya are among the Middle East, Turkey and Africa (META) nations that saw a rise in phishing attacks in quarter one (Q1) of 2023, compared to Q1 of 2022.

This is one of the insights revealed yesterday at the Kaspersky Cyber Security Weekend – META 2023 held in Almaty, Kazakhstan.

Now in its eighth year, the event sees Kaspersky experts detail the biggest cyber threats that are targeting governments, enterprises, businesses and industrial organisations, as well as forecast future cyber security trends.

Kaspersky notes phishing attacks grew by 7% in SA, 53% in Nigeria and 87% in Kenya in Q1 2023, compared to the same period last year.

Other countries that recorded an uptick in phishing attacks include Egypt (49%), United Arab Emirates (33%), Oman (28%), Kuwait (27%) and Bahrain (20%).

Dr Amin Hasbini, head of Kaspersky’s Global Research and Analysis Team for META, said the company sees malicious phishing e-mails every day.

Hasbini noted the situation is different for various countries, with Saudi Arabia experiencing a slight decrease of 1% in phishing attacks in Q1 2023, versus the same period last year. “The numbers in other countries are huge. For example, there was an 88% increase in Qatar and 87% in Kenya.”

Turning to Trojan banker statistics, where a user’s banking information is targeted and stolen, Hasbini revealed an uptick when comparing Q1 2023 with Q1 2022.

According to Kaspersky, new malware families and cyber attack campaigns have contributed to a rampant rise of Trojan banking attacks in Q1 of 2023 compared to Q1 of 2022.

The highest increase was Nigeria (268%), followed by Turkey (238%), Kuwait (218%), Egypt (186%), Saudi Arabia (168%), Kenya (129%) and Oman (115%) in the first quarter of 2023.

Qatar, UAE and Bahrain recorded increases of 99%, 67% and 33%, respectively.

Conversely, Russia recorded a decline (-49%), which Hasbini attributed to the geopolitical situation, saying attackers are targeting Russia less.

“Attackers are not able to monetise their attacks on Russian users because to monetise means to transfer the money, which is difficult right now.”

In the case of using outdated machines and software, Hasbini said “sadly a lot of users” still use PCs running Windows 7.

This, despite Microsoft’s discontinued support of the operating system more than three years ago.

Software firm Microsoft stoppedproviding security updates for PCs running Windows 7, from 14 January 2020.

However, based on Kaspersky’s statistics, Hasbini revealed that one in 10 devices (10%) in Bahrain, for example, still used Windows 7, as of the first quarter of 2023. Meanwhile, it is one in five devices in Russia (21.4%) and Kazakhstan (20%), during the same period.

In SA, Kenya and Nigeria, those figures are 7.6%, 9.4% and 6%, respectively.

“There are no security guarantees on any Windows 7 device – if you have a Windows 7 device, you are in great danger and it’s a bad situation,” he warns. “Any organisation or user should not be using any kind of Windows 7.

“A single click allows access to the device because there are vulnerabilities that were discovered and Microsoft is not patching them anymore.”

He notes Kaspersky witnesses phishing and ransomware every day. “A user gets targeted with a malicious e-mail, and they click on the link or attachment. The phishing e-mail brings in malicious behaviour on the device…it will run, spy, steal passwords and install ransomware and infect all devices automatically, in most cases.

“The attackers will spread ransomware, destroying everything and blackmail the organisation – this is a common theme every single day.

“It’s important that we realise the size of the threats that we see in our region, and that different regions have different kinds of situations.

“We must be careful of the wind that is moving over our region and changing how our region operates and advances different kinds of cyber attacks.”

Share