While the number of attacks from online resources (known as web threats) blocked by Kaspersky in Kenya and Nigeria combined for the second quarter of 2021 decreased to 14.9 million from the 16.4 million blocked in the first quarter of the year, the number of unique malicious URLs detected and blocked by Kaspersky in these countries increased to reach 6.5 million combined, when compared to the 5.2 million of the previous quarter.
Globally, Kaspersky solutions blocked close to 1.7 billion web threats in the same period this year, an increase of 87% when compared to 2020. Furthermore, its web antivirus solution recognised more than 675 million unique URLS as malicious, a significant jump from the 286 million of last year.
“The IT threat landscape is evolving as more sophisticated technology becomes available. The increase of malicious URLs in Kenya and Nigeria also indicates how phishing and related malware have grown in popularity by threat actors in these regions, who are targeting people working outside of the relative safety of the office network,” says Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa.
Web threats (attacks launched from online resources) are a category of cybersecurity risks that may cause an undesirable event or action via the Internet. A broad scope of dangers fits into this category, including well-known threats like phishing and computer viruses. However, other threats, like offline data theft, can also be considered part of this group. Web threats are not limited to online activity but ultimately involve the Internet at some stage for inflicted harm.
In fact, more than 30 million web threats were seen across South Africa, Kenya, and Nigeria combined between April – June 2021. Kenya accounted for 8 485 345 web threats blocked by Kaspersky and Nigeria 6 506 385 web threats. Significantly, financial threats are cause for concern globally with Kaspersky solutions blocking the launch of at least one piece of banking malware on the computers of 119,252 unique users.
Even though Kenya accounted for only 0.3% and Nigeria 0.4% of the global risk when it comes to these financial threats, local users must be mindful of how increasingly targeted these attacks have become. For instance, hackers are using social engineering and other tactics to develop more personalised attacks against executives and government leaders.
On the mobile side, globally and during the same time period, Kaspersky products prevented 14,465,672 malware, adware and riskware attacks, and Kaspersky found that the largest share of all detected threats accrued to RiskTool programs, 38.48%. A RiskTool is a program with various functions including concealing files in the system, hiding the windows of running applications, or terminating active processes. The group includes cryptocurrency miners that generate coins using the target device’s resources.
“Of course, there are a variety of web security threats in the market. They typically include human and technical manipulation to attack. Some of the most common web threats include social engineering, malicious code, exploits, and cybercrime,” adds Opil.
The main tool behind such browser-based infections is the exploit pack – which gives cybercriminals a route to infecting computers that either do not have a security product installed or has a commonly used operating system or application that is vulnerable because the user has not applied the latest updates.
“To help mitigate the risk of web threats, users must always create backups of their data. Furthermore, they should enable multi-factor authentication (MFA) that introduces additional layers of user authentication on top of traditional passwords. Regular scans for infections must also be done. And, perhaps most critically, users must keep all tools, software, and operating systems up to date,” concludes Opil.