Africa's people are under cyber attack and why we need more cyber security awareness and training on the continent

ITWeb Security Summit 2020 -  24 Aug 2020

Africa has become the new hunting ground for cyber criminals and fraudsters looking to exploit user vulnerabilities.

2019 KnowBe4 African Report found that Africa is increasingly vulnerable to cyber attacks. The report highlighted how vulnerable users were when it came to recognising cyber threats and managing their risk profiles. In 2020, Accenture released a report entitled: ‘Insight into the Cyberthreat Landscape in South Africa’ that revealed there are around 577 attempted malware attacks every hour. Cyber crime has turned towards Africa and is putting its people and organisations at risk.

“With cyber crime shifting its attention towards emerging economies and with Africa’s Internet penetration about to double to one billion Internet users by 2022, the African continent has become an attractive target for cyber crime,” says Anna Collard, Managing Director of KnowBe4 Africa. “A lot of these users will be connecting for the first time and will have very little awareness of the risks.”

And the risks are extensive. The Accenture report pointed out that in 2019, many of the attacks were successful, particularly against well-known organisations and service utilities. This draws a picture of a worrying trend that can fundamentally affect the lives and livelihoods of people on the continent.

“Sub-Saharan Africa is the region with the most financial transactions happening via mobile devices,” says Collard. “This is another reason why crime is paying attention. If users aren’t aware of the risks or don’t realise that their mobile devices put them at risk, then they are open to fraud and attack.”

ITWeb Security Summit 2020

Many people still think that mobile devices aren’t vulnerable to attack. They don’t realise that fake links, phishing e-mails, scams and malware are as easily perpetrated on a mobile device as they are on a PC. In fact, many cyber criminals use fake links and phishing messages to catch people who are unaware on WhatsApp or SMS. People are often more inclined to believe that a SMS or WhatsApp message is real and are lured into handing over important personal information using these channels.

“The problem is that many people can’t protect themselves because they don’t realise the extent of the threat or how to identify it,” says Collard. “They think they can – our survey found that around 55% of respondents believed they could identify a security threat and yet they gave away personal information or fell prey to scams. There is a desperate need for more education around cyber crime, how to identify it, and the methods that scammers use.”

The continent is lagging on security legislation and education, and is lacking security professionals who can support both business and government in refining their security postures and approaches.

“The high degree of digitisation, combined with the increase in mobile malware and sophistication of social engineering attacks, makes people more vulnerable than ever,” says Collard.

Training is essential in minimising risk. If people understand the processes and methods used by cyber criminals, they are more likely to identify them and to avoid making unnecessary mistakes.

“Training will help people to identify potential risks and be more alert before they commit to sharing information or clicking on images or links,” says Collard. “This can help Africa and its people push back against the rising tide of cyber crime and protect themselves and their personal information.