Cyber-attacks surge on government and financial sectors across Africa
What you need to know:
- As Africa continues to integrate digital technologies, experts warn that proactive measures are essential to mitigate cyber risks and safeguard critical sectors from future threats.
Dar es Salaam. Cyber-attacks targeting the government and financial sectors across Africa are on the rise, according to a new report by cybersecurity firm Positive Technologies.
The analysis reveals that government institutions and financial companies account for 29 percent and 22 percent of all successful cyberattacks on organizations, respectively.
The report, covering trends from early 2023 to late 2024, highlights the prevalence of these sectors as targets for organized hacker groups, often motivated by financial gain and espionage. Hacktivists also play a role, particularly in government-related incidents.
Findings from dark web forums underscore the vulnerability of Africa’s government and financial institutions, which attract 19 percent and 13 percent of all darknet listings globally.
According to Positive Technologies, over half of databases related to African entities are distributed for free on the dark web, while access to corporate networks is sold for an average of $2,970.
“Government institutions are frequently targeted by advanced persistent threat (APT) groups (46 percent), aiming to gather sensitive information and conduct cyberespionage,” said an analyst at Positive Technologies Anastasia Bezborodko. Hacktivists account for 18 percent of these attacks, reflecting their focus on ideological disruption.
Attacks on the financial sector surged to 22 percent, with dark web discussions often revolving around the sale of sensitive data and network access.
The industrial sector, accounting for 10 percent of successful attacks, faces threats aimed at disrupting production and stealing proprietary information. The telecommunications sector was also heavily targeted, as criminals sought access to vast amounts of personal and payment data.
Hackers primarily focused on exploiting vulnerabilities in network perimeters, poorly configured services, and external-facing resources. Attacks on web resources rose from 15 percent to 27 percent, with distributed denial-of-service (DDoS) attacks making up half of these incidents.
Malware remains the most common tool in cyberattacks, used in 43 percent of organizational breaches and 53 percent of attacks on individuals.
Ransomware accounted for one-third of corporate incidents, while spyware was employed in one-quarter of attacks. Vulnerability exploitation contributed to 18 percent of all successful breaches.
The most common outcomes of these attacks included access to confidential data (61 percent of cases) and disruption of operations (18 percent). South Africa (22 percent) and Egypt (13 percent) were the most frequently attacked countries, while dark web activity focused on South Africa (25 percent), Nigeria (18 percent), and Algeria (13 percent).
To address rising cyber threats, Positive Technologies urges African organizations to prioritize cybersecurity by adopting robust protective measures.
Recommendations include developing and updating comprehensive cybersecurity strategies; identifying and securing critical infrastructure; conducting risk analyses and implementing regular security audits and training employees on basic security practices and allocating budgets for specialized training programs.
Experts also emphasize the importance of government-private sector partnerships, international collaboration, and knowledge sharing to bolster cybersecurity resilience across the continent.
As Africa continues to integrate digital technologies, experts warn that proactive measures are essential to mitigate cyber risks and safeguard critical sectors from future threats.
