#1 Middle East & Africa Trusted Cybersecurity News & Magazine |

32 C
Dubai
Wednesday, July 2, 2025
HomeAfricaSpyware Surge: Kaspersky Reports 14% Rise in Attacks on African Businesses at...

Spyware Surge: Kaspersky Reports 14% Rise in Attacks on African Businesses at GITEX Africa 2025

Date:

Related stories

PDFs: Portable Documents or Perfect Phishing Vectors?

Cybersecurity professionals are sounding the alarm: PDF attachments are...

Google Urgently Patches CVE‑2025‑6554 Zero‑Day in Chrome 138 Stable Update

On 26 June 2025, Google rapidly deployed a Stable Channel update...

French Police Arrest Five Key Operators Behind BreachForums Data-Theft Platform

On 25 June 2025, France’s specialist cybercrime unit (BL2C) detained five...
spot_imgspot_imgspot_imgspot_img

At GITEX Africa 2025 in Morocco, cybersecurity giant Kaspersky unveiled alarming findings from its latest Africa Cyberthreat Landscape Report, revealing a 14% increase in spyware attacks targeting businesses across the continent. Drawing insights from the Kaspersky Security Network (KSN), the report underscores the growing sophistication of cyberthreats as African economies rapidly digitize amid weak security postures and growing digital adoption.

Kenya, South Africa, Morocco, and Nigeria were among the most heavily targeted countries, with notable increases in web threats, on-device malware, spyware, and password stealers. These findings call for urgent action from both public and private sectors to fortify their cybersecurity infrastructure and adopt proactive defense strategies.

The Rising Tide of Cyberthreats in Africa

Africa’s digital boom has presented both opportunity and risk. While mobile connectivity, e-commerce, and digital financial services flourish, cybercriminals are exploiting the region’s expanding digital footprint especially where security investments lag behind.

At the GITEX Africa 2025 conference held in Marrakech, Kaspersky’s Global Research and Analysis Team (GReAT) presented the most pressing cyberthreat dynamics:

1. Web-Based Threats on the Rise

In 2024, 131.5 million web threats were detected across the African continent a 1.2% increase from 2023. These attacks exploit browser vulnerabilities, malicious advertising (malvertising), and phishing pages.

  • Kenya: ~20 million attack attempts
  • South Africa: ~17 million
  • Morocco: ~12.6 million

These figures show that digital connectivity brings increased exposure to threats unless backed by robust browser and endpoint protections.

2. Local (On-Device) Threats Climb 4%

Malware delivered via USBs, CDs, or hidden files within installer packages surged by 4% year-on-year, targeting systems where web-based defenses aren’t in place.
Countries seeing the largest growth include Morocco, Senegal, Nigeria, South Africa, and Ethiopia regions increasingly targeted for their developing IT infrastructure and growing business ecosystems.

3. Spyware Attacks Surge by 14%

Spyware malicious software designed to covertly monitor users and steal sensitive data saw the largest year-on-year jump. Kaspersky’s telemetry recorded a 14% increase in spyware incidents targeting African businesses.

These attacks are often part of advanced persistent threat (APT) campaigns, and in some cases, linked to corporate espionage, credential theft, and financial fraud.

4. Password Stealer Activity Jumps 26%

Credential-harvesting malware, often distributed via phishing emails or infected software, rose sharply—up 26% in 2024.
Top affected countries include:

  • Kenya
  • Morocco
  • South Africa
  • Tanzania
  • Namibia
  • Uganda
  • Senegal

The scale of these attacks reflects both the value of stolen credentials on the dark web and the insufficient deployment of multi-factor authentication (MFA) across enterprises.

What’s Driving the Increase in Attacks?

Maher Yamout, Lead Cybersecurity Researcher at Kaspersky GReAT, offered insights during the GITEX panel:

“Africa’s rapid digital expansion has brought significant opportunities, but it has also exposed the continent to a growing array of cyberthreats. The continued shift to hybrid work and rush to digitize operations—often outpacing cybersecurity investment—makes the region an attractive target for threat actors.”

Key contributing factors include:

  • Low cybersecurity maturity in SMEs
  • Limited enforcement of compliance frameworks
  • Increased cloud and remote access without adequate security hardening
  • Digital finance adoption without widespread awareness of phishing or social engineering risks

Kaspersky’s Recommendations for Defense

To combat the surge in threats, Kaspersky recommends a multi-layered security approach—tailored for both individual users and enterprises.

10 Recommendations to Avoid Cyberthreats

For Individuals & End-Users:
  1. Download apps only from trusted sources such as Google Play or the App Store.
  2. Avoid clicking suspicious links in emails, texts, or online ads.
  3. Enable multi-factor authentication (MFA) wherever possible.
  4. Use complex, unique passwords and store them in a secure password manager.
  5. Regularly update your devices and applications to patch security vulnerabilities.
For Organizations & Businesses:
  1. Implement centralized patch management to keep all systems updated.
  2. Deploy robust endpoint protection, such as Kaspersky NEXT EDR Expert, to detect and respond to APT-like attacks.
  3. Avoid exposing remote desktop services (RDP) to the internet without strong security controls.
  4. Leverage Threat Intelligence feeds to stay ahead of evolving attack tactics and indicators of compromise (IOCs).
  5. Regularly back up critical business data, and store backups offline or isolated from the main network.

Regional Cyber Defense in Focus

Initiatives like the African Cyber Surge operation and Kaspersky’s Cyber Immune Approach aim to bolster regional resilience. Governments and cybersecurity firms are working together to develop threat intelligence sharing frameworks, enhance capacity-building efforts, and drive digital literacy campaigns.

Kaspersky’s report also calls for investment in cybersecurity education, particularly among startups and SMEs, which often lack the resources to implement enterprise-grade security.

Conclusion: Time for Proactive Cyber Resilience in Africa

Kaspersky’s latest findings reveal a clear trend: as digital transformation accelerates across Africa, cyberattacks are rising in parallel and evolving in sophistication.

With spyware attacks alone rising by 14%, the message to businesses is clear: proactivity beats reactivity. Cyber resilience must become a board-level priority, not an afterthought. The key lies in integrated defenses, strategic partnerships, and a cultural shift toward cybersecurity-first thinking.

As Africa positions itself as a leader in fintech, e-government, and digital innovation, platforms like GITEX Africa offer a vital stage to exchange knowledge, build alliances, and chart a secure path forward.

Access the full “Africa Cyberthreat Landscape Report” by Kaspersky

Report presented live at GITEX Africa 2025, Marrakech, Morocco
Powered by: Kaspersky Security Network (KSN)

Ouaissou DEMBELE
Ouaissou DEMBELEhttp://cybercory.com
Ouaissou DEMBELE is a seasoned cybersecurity expert with over 12 years of experience, specializing in purple teaming, governance, risk management, and compliance (GRC). He currently serves as Co-founder & Group CEO of Sainttly Group, a UAE-based conglomerate comprising Saintynet Cybersecurity, Cybercory.com, and CISO Paradise. At Saintynet, where he also acts as General Manager, Ouaissou leads the company’s cybersecurity vision—developing long-term strategies, ensuring regulatory compliance, and guiding clients in identifying and mitigating evolving threats. As CEO, his mission is to empower organizations with resilient, future-ready cybersecurity frameworks while driving innovation, trust, and strategic value across Sainttly Group’s divisions. Before founding Saintynet, Ouaissou held various consulting roles across the MEA region, collaborating with global organizations on security architecture, operations, and compliance programs. He is also an experienced speaker and trainer, frequently sharing his insights at industry conferences and professional events. Ouaissou holds and teaches multiple certifications, including CCNP Security, CEH, CISSP, CISM, CCSP, Security+, ITILv4, PMP, and ISO 27001, in addition to a Master’s Diploma in Network Security (2013). Through his deep expertise and leadership, Ouaissou plays a pivotal role at Cybercory.com as Editor-in-Chief, and remains a trusted advisor to organizations seeking to elevate their cybersecurity posture and resilience in an increasingly complex threat landscape.

Subscribe

- Never miss a story with notifications

- Gain full access to our premium content

- Browse free from up to 5 devices at once

Latest stories

spot_imgspot_imgspot_imgspot_img

LEAVE A REPLY

Please enter your comment!
Please enter your name here