Pierluigi Paganini October 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa.

A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021, sheds the light on cybercrime in Africa. The report aims at providing information about the most prevalent threats in Africa, a continent that is particularly vulnerable to cybercriminal activities. According to the report, more than 90% of African businesses are operating without the necessary cyber security protocols in place.

It is important to highlight that Africa has the fastest-growing telephone and Internet networks in the world, and it as the widest use of mobile banking services.

This rapid growth is not supported by the implementation of cybersecurity policies and standards, exposing African counties and their organizations to major risks.

The INTERPOL African Cyberthreat Assessment Report 2021 identifies the most prominent threats in Africa, based on input from INTERPOL member countries and data drawn from private sector partners.

The top five threats are:

• Online Scams – For African member countries, the highest-reported and most pressing cyberthreat across the region was identified as online scamming. This threat seeks to target and take advantage of victims’ fears, insecurities, and vulnerabilities through phishing, mass mailing and social engineering. Member countries have reported a sharp increase in the number of online banking scams, including instances of banking and credit card fraud.
• Digital Extortion – This threat is also identified as one of the most prominent cyberthreats within the region. Digital extortion seeks to target individuals with either allegations of sexually compromising images or through direct blackmail campaigns. While such threats are not new on the threat landscape, the move towards a digital society – particularly within the African region – has created new attack vectors for criminals to both obfuscate their identity and
  target new victims.
• Business Email Compromise – Alongside online scams, Business Email Compromise (BEC) was identified as a significant concern and threat to the region. Businesses and organizations that rely heavily on wire transfer transactions are vulnerable to this threat in Africa. The COVID-19 pandemic has contributed to the increase in this type of cybercrime.
• Ransomware – The threat of ransomware is expanding across the African continent. Allegedly, more than 61% of companies in thisregion were affected by ransomware in 2020 alone. These attacks targeted some African countries’ critical infrastructure, including healthcare and maritime sectors.
• Botnets – Botnets are networks of compromised machines used as a tool to automate largescale campaigns such as DDoS attacks, phishing, malware distribution, etc. The number of botnet victim detections in Africa was around 50,000, with a monthly average detection of 3,900. In Africa, there have been numerous high-profile instances of such DDoS attacks on critical infrastructure within the past five years.

The analysis of the IP addresses in Africa that were used to send out digital extortion spam messages from January 2021 to May 2021, the count of unique IP addresses is about 10.6% of the overall number. The top sender countries include South Africa, Morocco, Kenya and Tunisia.

When dealing with ransomware attacks, Kaspersky reported that there were more than 1.5 million ransomware detections in 2020, most targeted countries in Q1 2021 are Egypt, South Africa, and Tunisia.

“Not only do criminals exploit vulnerabilities in cyber security across the region, but they also take advantage of variations in law enforcement capabilities across physical borders,” said Craig Jones, INTERPOL’s Director of Cybercrime. “INTERPOL’s regional cybercrime strategy for Africa provides a robust framework for sharing intelligence and coordinating action to strengthen the law enforcement response across Africa and beyond,”

The strategy aims at reaching the following strategic objectives:

• Enhancing cybercrime intelligence for effective responses to cybercrime;
• Strengthening cooperation for joint operations against cybercrime;
• Developing regional capacity and capabilities to combat cybercrime;
• Promoting good cyber hygiene for a safer cyberspace

INTERPOL’s African Cybercrime Operations Desk is tasked with implementing a strategy to curb cybercriminal activities in partnership with key regional stakeholders, such as the African Union and Afripol.

Let me suggest reading the report, it includes very valuable information about cybercrime in Africa.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, African Cyberthreat Assessment Report 2021)

[adrotate banner=”5″]

[adrotate banner=”13″]