African governments, energy companies, and telecommunication institutions are facing cybersecurity threats from sophisticated hacking groups, according to a recent report by cybersecurity firm Kaspersky.

These groups, known as Advanced Persistent Threats (APTs), are well-funded and relentless, Kaspersky says, launching targeted attacks over extended periods to achieve their goals.
Kaspersky researchers identified nine active APT groups, including MuddyWater, FruityArmor, and Sidewinder, that are currently focusing their efforts on African organisations. Unlike random malware attacks, APT operations are highly targeted and meticulously planned.
Motivations of hackers range from espionage to monetary gain, Kaspersky cybersecurity alert says
Kaspersky says that the motivations behind these APT attacks can vary. “These groups are often motivated by espionage, monetary gain, or in some cases, hacktivism.”
Kaspersky’s report reveals several techniques commonly used by APT groups in Africa. Social engineering remains a popular tactic: hackers may create fake job advertisements targeting software developers or send phishing emails containing malicious links or attachments. Once they gain access to a system, they can deploy sophisticated malware like DeadGlyph or StealerBot to steal data or disrupt operations.
Another trend is the weaponisation of legitimate applications and services. Kaspersky researchers have observed APT groups, like MuddyWater, weaponising remote access tools, online services, and even cloud platforms to infiltrate targeted organisations.
Furthermore, APT groups can target third-party providers and infiltrate their victims through the supply chain. By compromising a less secure vendor, hackers can gain access to a wider network of organisations.
“The current geopolitical climate is a hotbed for APT activity, therefore, investigating these attacks and gaining intelligence on their movement is vital for security teams and corporations in Africa,” says Amin Hasbini, Head of Global Research and Analysis team for Middle East, Turkiye and Africa at Kaspersky.
“Our research allows businesses and government entities to determine the significance of the threat posed, understand the attackers’ next move and accordingly be able to take the appropriate security steps to protect themselves,” he concluded.
To mitigate this issue, Kaspersky recommends taking proactive steps to defend against APT attacks, including:
- Limiting third-party access and strictly monitoring your supply chain.
- Implementing endpoint detection and response (EDR) solutions for real-time threat detection.
- Using a corporate-grade security solution to identify advanced threats on your network.
- Kaspersky Industrial CyberSecurity is recommended for the energy sector and other critical infrastructure.
- Upskilling your cybersecurity team and educating employees on cybersecurity best practices.