News
New research suggests Africa is being used as a ’testing ground’ for nation state cyber warfare
April 2024 by Guy Golan, CEO of Performanta
Global cybersecurity firm Performanta has revealed new insight into the role developing countries play in the ransomware ecosystem
Performanta, the multinational cybersecurity firm specialising in helping companies move beyond security to achieve cyber safety, has uncovered a trend in how developing countries are being targeted by nation state actors.
The firm’s analysis explored the origins and characteristics of Medusa, a ransomware-as-a-service targeting organisations globally. The patterns suggest that developing countries are hit first with a trend that shows a rising impact on developed countries. It implies that ransomware activities are not entirely random and a strategy is in place to focus on organisations within developing countries as their initial targets.
Guy Golan, CEO and Executive Chairman of Performanta, states: "Our analysis suggests that BRICS nations, and particularly the African continent, have become a testing ground for nation-state attacks. In order to achieve a more cyber safe environment for all organisations globally, we need to increase awareness of this growing issue. It is only through understanding the trends and patterns of geopolitical cyber warfare that will enable us to bring clarity to the global threat landscape."
Performanta’s research has delved into precisely how attackers are using Africa, and the extent to which the region is under major threat.
In South Africa, a 10-year review of the cyber threat landscape found that the most prevalent perpetrators of attackers were trained hackers, and the top three most likely targeted industries on the continent are finance, manufacturing and energy. This poses a serious problem, with the average successful nation-state-backed cyber attack costing an average of $1.6 million per incident.
Performanta’s report also reveals a large increase in financial/banking trojans with a 59% increase in Kenya and a 32% increase in Nigeria across a single quarter.
Golan continues: "Attackers likely perceive attacking Africa to have fewer risks to themselves than directly attacking the West, and as a bridge to the Western world, it’s likely that methods are tried and tested in Africa first, before being deployed across developed countries later. As an emerging economy, Africa may have become an entry point for attackers aiming to access and disrupt Western assets indirectly. No matter the reasoning, the West and Africa must implement long-term collaborative efforts to build a strong defence against this threat."
With a strong foothold in both South Africa and the UK, Performanta is uniquely positioned to bridge the gap between nations to form a cyber safe defence against nation-state enemies.
