Security risks facing businesses in Africa
Cyber research for the African business sector has revealed a significant increase in domestic attacks, indicating public agencies need to strengthen their upstream defences and no longer rely only on geo-blocking to defend their key data. More than 50 per cent of those surveyed highlighted the lack of skilled security personnel or training as one of the biggest challenges to implementing an application security programme. One of the researchers told your blogger that it is not surprising that web and mobile applications represent such a high risk to businesses in Africa, as they often process highly sensitive information and cyberattacks targeting them are increasing in sophistication in the region. To effectively address cyber threats, software companies need to move beyond reactive measures by implementing software security |initiatives that embrace the fundamentals of software integrity and proactively build security and quality into their software development lifecycle.The research also reveals a sharp increase in local sourced bots, using unsecured internet devices to launch large scale attacks on African sites. Some African organizations have typically blocked overseas attacks using geo-blocking techniques which has stopped some overseas users good or bad from accessing sites hosted locally, but effectively protected the site, while it continued for local located users.This data suggests that such strategies are flawed. Most Africa ISP’s are not able to withstand the size of the Internet of things attacks from within African.A total of 62 per cent of the respondents viewed customer-facing web and mobile applications as the areas presenting the highest security risk to businesses, followed closely by embedded and Internet of things systems at 19 percent. Desktop applications and internal-facing web applications were represented at 17 percent and 12 percent respectively.
Aside from the technical challenges in securing customer-facing web applications, 47 per cent of professionals identified protection of customer data and intellectual property as paramount, while 18 per cent suggested regulatory compliance. In addition, 28 per cent of the respondents have a strategy in place in the event of a security incident. 66 per cent said they did not, while 6 per cent suggested that they are unsure. This suggests that nearly three quarters of the respondents remains unprepared in the face of a cyberattack.42 per cent of those surveyed have received some form of cyber security training, which under-lines the importance of cyber security and the need to better understand the threat landscape. The survey was conducted from June to October 2017, in South Africa, Nigeria, Ghana, Ivory Coast, Kenya, Mauritius, Tanzania, Zambia, Botswana, Egypt, Tunisia and Morocco. The survey is based on responses from C-level IT professionals as well as managers and other executives.The data collected showed a sharp increase in the malicious piece of code that seeks out insecure devices and commands them to attack websites and logins. By taking over a large number of Internet of Things devices, bot is able to attack websites with far greater force than previous malware. The bot took down several websites in the last 12 months, with attacks exceeding 200 Gbs, far larger than any previous attack, and with a volume that could not be defended against by traditional ISP defences.The software was then released for others to use, setting off more attacks around the continent with reports of a South Africa based attack exceeding 500Gbs. This is four times the size of what had previously been the benchmark for so called major attacks in Sub Saharan Africa.The data will be provided to business sector players as evidence of the need to strengthen defences against large localised attacks. This requires a substantial upgrade in site protection, rather than relying on ISP’s to block malicious offshore traffic.The evidence of the change in attack strategies should prompt a rethink of local defence solutions, especially for high profile government and non government sites.The data suggests local attacks are continuing as others seek to exploit the underlying weakness.