Sub-Saharan Africa's smartphone penetration at 33%

Surge in SSA
smartphone use

Figures expected to
double by 2025.

Thursday, Oct 18th

International espionage incident should ring Africa's alarm bells

International espionage incident should ring Africa's alarm bells

Much like the situation globally, Africa's cyber security threat landscape is significantly broader than people realise – and the reality of 5th generation cyber attacks is reflected in an investigative article posted by Bloomberg titled The Big Hack: How China Used a Tiny Chip to Infiltrate US Companies, according to cyber security firm Check Point.

The in-depth piece details an attack in 2015 by Chinese spies which the authors say reached almost 30 US companies, including Amazon and Apple, "by compromising America's technology supply chain".

In a brief synopsis of the article, Check Point highlighted several points including that during the top-secret probe (which remains open more than three years later) investigators found a tiny microchip nested on the servers' motherboards that wasn't part of the boards' original design, moreover investigators determined that the chips allowed the attackers to create a stealth doorway into any network that included the altered machines.

It also added that investigators found that this attack eventually affected almost 30 companies, including a major bank, government contractors, and Apple Inc.

According to Check Point the article focuses on what is seemingly a highly sophisticated 5th generation cyber attack (large scale, sophisticated technology that attacks the target from multiple vectors) "that enables attackers to download malicious code and infect the server operating system on potentially tens of thousands of agencies and businesses."

Rick Rogers, Regional Director - Africa at CheckPoint said, "This story proves, once again, the dreadful security risks which inevitably result in the growing use of digital platforms, specifically in cloud services. Through this attack it is clear that the security of the global technology supply chain had been compromised. With international technology brands expanding into territories like Africa, offering services like cloud computing to local companies, it is not impossible for cyber-criminals to deploy the same tactics to target local companies and their critical data, "

"However, it is possible to prevent these kinds of attacks using a comprehensive real-time perimeter security solution that can reduce the time it takes to respond to such attacks from years to hours and can provide true and effective prevention."

In May 2018 Rogers said the mindset that 'it won't affect us' or 'we're not significant enough to be a target' exists in Africa and is playing into the hands of cyber criminals.

"Often businesses have the incorrect notion that if they have the correct technology in place, they'll be ok. Although technology is a vital component – user education around vigilant behaviour is equally important. Sometimes it's the C-level executives themselves that think they don't need to follow policy because they have the right solutions in place – and this sets the completely wrong tone throughout the organisation."

The weak point according to Check Point is that instead of deploying end-to-end solutions, businesses are still implementing solutions to protect isolated areas of the business.

The company said enterprise cloud adoption is accelerating, enabling greater business agility and efficiencies through both deployment of hybrid cloud infrastructures like Amazon Web Services, Microsoft Azure and VMWare NSX; and migration to cloud-based applications such as Microsoft Office365, Google G-Suite, Salesforce, ServiceNow, Slack, Box, Dropbox, Egnyte and more.

"There is also an increase in multi-vector attacks on cloud workloads and cloud applications including malware, as well as increasing incidences of account hijacking," it added.

ALSO ON ITWEB AFRICA

Fujikura launches two new cleavers Published on 17 October 2018

Fujikura discontinued the famous CT-30A cleaver after 2 decades as well as the CT-06 cleaver. Out with the old and in with the new CT50 Bluetooth enabled cleaver and CT08 single fibre cleaver.

ACAMS 9th Annual AML & Financial Crime Conference – MENA Published on 16 October 2018

Keynote presentation by Joshua White, director for Policy and Analysis, The Sentry

International espionage incident should ring Africa's alarm bells Published on 08 October 2018

IT security experts say advent of cloud and digitalisation has expanded continent's cyber security threat landscape.

Crypto-backed solar programme launches in Uganda Published on 09 October 2018

Wala, CP-EM partner to create utility-scale, grid-connected renewable power systems.