Menu

Five African nations were among the top 10 most-attacked countries by cybercriminals in November, according to the latest ranking of the most prevalent malware families attacking organisations' networks released by Check Point Software Technologies, a global cybersecurity vendor.

In its monthly Global Threat Index released this week, Check Point noted a 10% increase in the number of attacks on corporate networks using Locky and Cryptowall – two of the active malware families used in ransomware attacks.  

Botswana was the most-attacked country on Check Point's list of 117 at-risk nations, followed by Malawi in second place, Namibia in fourth, Uganda in ninth and the Democratic Republic of Congo in tenth place. South Africa moved up to 31 on the list from 58th position in October, while Kenya dropped to 24th (from 22nd in October) and Nigeria climbed to 108th position, from 116th in the previous month.

Ransomware is a type of computer virus or malware that prevents or limits users from accessing their system, either by locking the system's screen or by locking the users' files unless a ransom is paid. Check Point says many organisations are paying ransoms to secure the return of their files, making it an attractive – and lucrative – attack vector for cybercriminals.

"Ransomware attacks are still growing in volume for a simple reason – they work and generate significant revenues for the attackers,” said Rick Rogers, Area Manager for East and West Africa at Check Point. "Organisations are struggling to effectively counteract the threat posed by this insidious attack form; many simply don't have the right defences in place, and may not have educated staff on how to recognise the signs of a potential ransomware attack in incoming emails.”

The California-based IT security firm advised that organisations must use advanced threat prevention measures on networks, endpoints and mobile devices to stop malware at the pre-infection stage. Some of the recommended measures to ensure they are adequately secured against the latest threats include the use of Check Point's SandBlast™ Zero-Day Protection, Threat Extraction, and Mobile Threat Prevention solutions.

In Nigeria, the most common malware families are Dorkbot, backdoor bot agent that allows an attacker to access the compromised system and use it to send spam, send confidential information and conduct DDoS attacks; Virut, a virus used in spam distribution, data theft and fraud; sality, a virus that allows remote operations and downloads of additional malware to infected systems by its operator.  

For the eighth consecutive month, HummingBad is said to have been the most common malware used to attack mobile devices globally. HummingBad is an Android malware that establishes a persistent rootkit on the device, installs fraudulent applications and enables additional malicious activity such as installing

Check Point's threat index is based on threat intelligence drawn from its ThreatCloud World Cyber Threat Map, which tracks how and where cyberattacks are taking place worldwide in real time.