Nigeria has been ranked 16th in cyber attacks vulnerability index in Africa in month of May this year.
The global threat index by Check Point Software Technologies Ltd, a technology security company, says Nigeria which serves as West African technology and economic hub, has made a significant improvement on from April’s 11th position, to the 19th in May, out of the 112 countries on the overall global Index.
[quote font=”georgia” font_size=”22″ font_style=”italic” align=”left” arrow=”yes”]Another is the Android malware Hummingbad, which persisted in the overall top 10 of malware attacks across all platforms during the period, that is used to attack mobile devices. In both Kenya and Nigeria, Hummingbad ranks as the fifth most common malware form.[/quote]The company’s latest Threat Index for May 2016, which contains the report, shows that several countries in Africa have made strong moves up and down the index, of which the higher their relative ranking in the index, the greater the threat of cyber-attack.
The report states that there are four African countries in the top ten of the Index, including Malawi that currently sits at third position. The others include Djibouti, Namibia and Angola. Botswana stands outside of the top ten, taking eleventh position.
The authors of the report also revealed that 2,300 unique and active malware families globally attacking business networks, and that the number of active global malware families has increased by 15% in May 2016.
It states that ”this was the second month when Check Point observed increase in the number of unique malware families, having previously reported a 50% increase from March to April.”
“The continued rise in the number of active malware variants highlights the wide range of threats and scale of challenges security teams face in preventing an attack on their business critical information,” the report says
According to the report, the most notable malwares include Gamarue, a top malware in Nigeria in May, which was a financial threat. It is a modular bot that hides in trusted processes and can be used to harvest financial information.
It also mentioned Banking malware Tinba, which became the fourth most prevalent form of infection last month in Kenya, and ninth in Nigeria. The Trojan allows hackers to steal victims’ credentials using web-injects, activated as users try to log-in to their banking website. Tinba ranked second in the overall international threat list.
Another is the Android malware Hummingbad, which persisted in the overall top 10 of malware attacks across all platforms during the period, that is used to attack mobile devices. In both Kenya and Nigeria, Hummingbad ranks as the fifth most common malware form.
Although Check Point researchers only discovered it in February, it has rapidly become commonly used; indicating that hackers view Android mobile devices as weak spots in enterprise security and as potentially high reward targets.
Rick Rogers, Area Manager for East and West Africa at Check Point Software Technologies believes that both of these threats are significant in the African context as Android phone sales and banking inclusion continue to climb.
“As Bring Your Own Device (BYOD) continues to be a trend and smartphone penetration on the continent grows, companies are at an increased risk from Hummingbad in particular, and other malware,” Rogers said.
“Combined with the growth in malware family numbers overall, this represents a significant business risk. Enterprises of all sizes must educate themselves on the security threats they face and invest in solid measures to protect their networks and corporate data.”, he adds.
In May, Sality, Virut and Conficker were the top malware families in Kenya, while Gamarue, Sality and Dorkbot featured in Nigeria’s top three.
Internationally, Conficker was the most prominent malware family, accounting for 14% of recognised attacks. The top ten families were responsible for 60 percent of all recognised attacks around the world.
Check Point explains how the top malware operate:
Sality: Virus that allows remote operations and downloads of additional malware to infected systems by its operator. Its main goal is to persist in a system and provide means for remote control and installing further malware.
Virut: This is one of the top malware and botnet distributors in the Internet, and uses DDoS attacks, spam distribution, data theft and fraud methods. Spread through executables originating from infected devices, Virut alters the local host files and opens a backdoor to remote attackers via an IRC channel.
Conficker: machines infected by Conficker are controlled by a botnet. It also disables security services, leaving computers even more vulnerable to other infections.
Gamarue: A modular bot with a loader, downloads additional modules and injects into trusted processes to hide. Infected machines can be harvested for financial credentials.
Dorkbot – IRC-based worm designed to allow remote code execution by its operator, as well as download additional malware to the infected system, with the primary motivation being to steal sensitive information and launch denial-of-service attacks.
Check Point’s Threat Index is based on threat intelligence drawn from its ThreatCloud World Cyber Threat Map, which tracks how and where cyberattacks are taking place worldwide.
The Threat Map is powered by Check Point’s ThreatCloudTM intelligence, a collaborative network to fight cybercrime, which delivers threat data and attack trends from a global network of threat sensors.