Common tactics used by hackers targeting governments across Africa

Different organisations in Africa are facing possible cyberattacks from Advanced Persistent Threats (APTs), with the top targets being governments, the energy sector and telecommunications institutions.

Kaspersky says it has observed active threats currently targeting organisations in Africa.

What are APTs?

Amin Hasbini, head of the global research and analysis team for Middle East, Turkiye and Africa at Kaspersky, says APT groups are complex threat actors that deploy targeted attacks and remain active for years on end. These groups are often motivated by espionage, monetary gain, or in some cases, hacktivism.

Kaspersky Intelligence has found prominent hacking groups, including MuddyWater, FruityArmor and Sidewinder, in the region. The most common tactic used by these threat actors is social engineering. This tactic is used on social media or email, where threat actors post a fake job advert targeting software developers.

APT groups will also deploy sophisticated modular malware like DeadGlyph and StealerBot, as well as weaponising legitimate remote applications, online services, and cloud platforms – a technique used by the MuddyWater APT group to penetrate the targeted site. Furthermore, these groups can target third-party providers and infiltrate their victims through supply chains.

Steps to implement to avoid falling victim:

  • Limit access to third parties and require continuous inspection of access within your supply chain.
  • For endpoint-level detection, investigation, and timely remediation of incidents, implement EDR solutions.
  • In addition to adopting essential endpoint protection, implement a corporate-grade security solution that detects advanced threats on the network level at an early stage.
  • The energy sector and other critical infrastructures should use security solutions for operational technology endpoints and networks, to ensure comprehensive protection for all systems.
  • Upskill your cybersecurity team to tackle the latest threats.
  • Educate employees depending on their IT knowledge with cybersecurity courses.

Published by Tshehla Cornelius Koteli