The last two decades have witnessed increased technology adoption in Africa. According to
Forbes, there are more than 600 million total internet users in Africa. Analysis by the IFC and
Google finds that Africa's internet economy has the potential to reach US$180bn by 2025,
accounting for 5.2% of the continent's GDP. By 2050, the projected potential contribution could
reach US$712bn, 8.5% of the continent's GDP. But the rise of the internet also has a dark side,
with the growing risk of private citizens, businesses, and governments falling victim to cybercrime.
The South African Reserve Bank (SARB) has identified cybercrime and emerging technologies as
growing threats to South Africa's banking sector. In its report, the reserve bank said threats
including internet and mobile banking platforms, may be exploited to facilitate money-laundering
and fund terrorism. South Africa is ranked among the top ten countries in the world in terms of
cybercrime. The country is also ranked seventh out of sixteen countries polled for the highest cost
of a cyber breach. The report notes over 90% of the banking sector offers online banking services,
and mobile application banking, except for one mutual bank.
"Although online banking offers faster transactions and more convenient options for banking,
these features are also attractive to criminals. Online features can hide the true identity of clients
(which in-branch visits would have detected), and these features can also hide the true
destination and beneficiaries of funds," says the SARB report. Southern African Fraud Prevention
Service (SAFPS) CEO, Manie van Schalkwyk says consumers must try by all means to make sure
that their data is always secured. According to SABC News, Phishing remains one of the most
prevalent scam techniques. The South African Banking Risk Information Centre (Sabric) estimates
that SA businesses suffer a total of about R250 million in losses each year due to phishing attacks
and internet fraud.
However, according to an article by African Business published on August 8, 2022, Kaspersky, a
Russian firm that provides anti-virus software, in their analysis revealed that attacks related to
data loss threats including phishing, scams, and social engineering increased significantly in Africa
in Q2 2022 in comparison with the previous quarter.
The company detected 10,722,886 phishing attacks in Africa in Q2. Kenyan users were influenced
the most by this type of threat: there were 5,098,534 phishing attacks detected in 3 months - a
growth of 438% when compared with the previous quarter. Kenya was followed by South Africa
(4,578,216 detections and a growth of 144%) and Nigeria (1,046,136 detections and a growth of
174%).
The Guardian in an article published August 3, 2022, reported Kaspersky saying social engineering,
"human hacking" scams, are used in many ways, and for different purposes, to lure unwary users
to the site and trick them into entering personal information. It stressed that the latter often
includes financial credentials such as bank account passwords or payment card details, or login
details for social media accounts.
According to the security firm, phishing is a strong attack method because it is done on a large
scale. It stressed that by sending massive waves of emails under the name of legitimate
institutions or promoting fake pages, malicious users increase their chances of success in their
hunt for innocent people's credentials. The article explained that phishers deploy a variety of
tricks to bypass email blocking and lure as many users as possible to their fraudulent sites, adding
that a common technique is HTML attachments with partially or fully obfuscated code. It stressed
that HTML files allow attackers to use scripts, and obfuscate malicious content to make it harder
to detect and send phishing pages as attachments instead of links.
According to a recent Interpol report, about 90% of African businesses are operating without the
necessary cybersecurity protocols and, therefore, are exposed to cyberattacks. The report also
noted that there were more than 700 million threat detections in Africa within one year. Over the
years, there have been efforts from different African countries to address the cybersecurity
challenge. According to an article by Forbes published on August 2, 2022, in South Africa,
President Cyril Ramaphosa signed the Cybercrimes and Cybersecurity Act in 2021. This law
mandates electronic communication service providers and financial institutions to act when their
systems suffer a cybersecurity attack or breach. South Africa had previously signed the Protection
of Personal Information Act No. 4 of 2013 Act into law.
At the continental level, the African Union (AU) adopted the Convention on Cyber Security and
Personal Data Protection, also known as the Malabo Convention, in 2014. This was followed by
the release of the Personal Data Protection Guidelines for Africa, a collaborative measure
between the Internet Society and the AU, in 2018. According to the United Nations Conference on
Trade and Development (UNCTAD), out of the 54 countries in Africa, only 33 (61%) have a data
protection law in place. Meanwhile, Business Tech in an article dated July 8, 2022, said the
Department of Police gazetted its draft search and seizure rules for cybercrimes committed in
South Africa. The Gazette, which is currently open for public comment, falls under the
Cybercrimes Act which was partly introduced by President Cyril Ramaphosa at the end of 2021.
"The Cybercrimes Act provides a new legal mechanism for addressing cybercrime in South Africa,
as well as creating a range of new cybercrime offences," the department said. "It also provides for
mechanisms to preserve electronic evidence in the cyber domain, to conduct the search, access,
and seizure operations in respect of an article as defined in the CCA, and the gathering of data
connected to both cyber and other crimes that are committed by means of or facilitated through
the use of an article." The draft rules also noted that an individual's right to privacy, as well as
other fundamental rights, must always be respected, and any infringement of these rights may
only be justified in terms of the law. "The right to a fair trial is paramount, and the responsibility
of the investigation and prosecution team in terms of gathering, preserving, and presenting
evidence to a court fairly and objectively, remain of utmost importance." Without serious
cybersecurity efforts, opportunistic criminals around the world stand poised to reap the benefits
of Africa's internet growth story.
There are different methods for classifying the different instances of malware. One
method uses the primary trait that the malware possesses. Classify the different
instances of malware using the primary trait that the malware possesses.
Classifying different instances of malware based on their primary traits can be done in several ways. Here are some common classifications:
1. Virus: A virus is a type of malware that attaches itself to files or programs and spreads by replicating itself. It can cause damage to files, slow down the computer, or disrupt system operations.
2. Worm: A worm is a self-replicating malware that spreads without human intervention. It typically exploits vulnerabilities in a network to spread from one device to another. Worms can congest networks, consume bandwidth, and may carry other types of malware.
3. Trojan: A Trojan, or Trojan horse, disguises itself as legitimate software or files and tricks users into downloading or executing them. Once inside a system, Trojans can perform various malicious activities, such as stealing sensitive information, granting unauthorized access, or damaging files.
4. Spyware: Spyware is a type of malware designed to gather information from a user's computer without their knowledge. It can track keystrokes, capture screenshots, collect personal data, and transmit it to third parties. Spyware is often used for identity theft, surveillance, or targeted advertising.
5. Ransomware: Ransomware is a malicious program that encrypts a user's files and demands a ransom in exchange for the decryption key. It can spread through infected email attachments, websites, or compromised software. Ransomware attacks can cause significant financial and operational damage to individuals and organizations.
6. Adware: Adware is a type of malware that displays unwanted advertisements and collects user data for targeted advertising purposes. Although adware may not cause extensive harm, it can be intrusive and negatively impact system performance.
7. Rootkit: A rootkit is a type of malware that provides unauthorized access to a computer system while hiding its presence from users and antivirus software. Rootkits can enable attackers to control the infected system, steal data, or launch other malicious activities.
8. Botnet: A botnet is a network of infected computers, known as bots, that are controlled by a command-and-control server. Botnets can be used for various purposes, including launching Distributed Denial of Service (DDoS) attacks, sending spam emails, or conducting large-scale cybercrimes.
It is worth noting that malware can have multiple traits, and new variants with different characteristics emerge continuously. Additionally, blended threats may combine features of multiple malware types to maximize their effectiveness.
The different instances of malware can be classified based on their primary traits. Here are some common types of malware based on their primary traits:
1. Viruses: Viruses are malicious programs that can replicate and spread by attaching themselves to clean files or programs. They often have a specific payload or malicious code that can cause damage to a computer system.
2. Worms: Worms are self-replicating malware that can spread without any user interaction. They exploit vulnerabilities in network protocols to infect other devices and can cause significant network congestion and disruption.
3. Trojans: Trojans, or Trojan horses, are malware that masquerades as legitimate or harmless software to trick users into installing them. Once installed, they can perform various malicious activities, such as stealing sensitive information or providing a backdoor for attackers to gain unauthorized access to the system.
4. Ransomware: Ransomware is a type of malware that encrypts files or blocks access to a system until a ransom is paid. It is designed to extort money from victims by holding their data hostage.
5. Spyware: Spyware is malware that secretly collects information about a user's activities, such as browsing habits, keystrokes, and passwords. It can monitor and relay sensitive data to third parties without the user's knowledge or consent.
6. Adware: Adware is malware that displays unwanted advertisements or pop-ups on a user's device. It is often bundled with legitimate software and can track user behavior to deliver targeted advertisements.
7. Rootkits: Rootkits are advanced types of malware that gain privileged access to a computer system. They hide their presence and can modify or manipulate system files and processes, making them difficult to detect and remove.
8. Botnets: Botnets are networks of infected computers or devices that are controlled by a single entity, known as a botmaster. They can be used for various malicious activities, such as sending spam emails, launching distributed denial-of-service (DDoS) attacks, or mining cryptocurrencies.
It's important to note that these classifications can overlap, and malware can have multiple traits or functionalities. Additionally, new types of malware constantly emerge as cybercriminals develop more sophisticated techniques.
The primary trait classification method categorizes different instances of malware based on their primary characteristic or behavior. Here are some common primary traits used to classify malware:
1. Viruses: Viruses are malicious programs that can replicate themselves and infect files or systems by attaching their code to legitimate files. They can spread from one computer to another through various means, such as email attachments, infected websites, or shared files.
2. Worms: Worms are similar to viruses in their ability to self-replicate, but they do not require a host file to spread. They exploit security vulnerabilities and network weaknesses to infect multiple computers within a network or over the internet. Worms can cause significant damage by consuming network bandwidth, spreading rapidly, and carrying out malicious activities like data theft or destruction.
3. Trojans: Trojans, also known as Trojan horses, are malware that disguises itself as legitimate software or files to deceive users into installing or executing them. Once activated, Trojans can perform various malicious activities, including data theft, remote control of the infected system, or downloading and installing additional malware.
4. Ransomware: Ransomware encrypts a victim's files or locks them out of their system, usually demanding a ransom payment in exchange for restoring access. It often spreads through malicious email attachments, infected websites, or exploit kits.
5. Spyware: Spyware is designed to gather sensitive information from a user's computer without their knowledge or consent. It can track keystrokes, monitor web browsing habits, collect login credentials, and capture personal or financial data. Spyware often operates stealthily and can be difficult to detect.
6. Adware: Adware is a type of malware that displays unwanted advertisements, usually in the form of pop-ups or banners. While not necessarily harmful in itself, adware can degrade system performance, interrupt user activity, and compromise privacy by collecting browsing habits and personal information.
7. Botnets: Botnets are networks of compromised computers, often controlled by a central command and control (C&C) server. Infected computers, known as bots or zombies, can be remotely controlled by cybercriminals to carry out various malicious activities, such as distributed denial-of-service (DDoS) attacks, spam distribution, or credential theft.
It's important to note that malware can exhibit multiple traits or exhibit variations within each category. Additionally, new types and variants of malware are continually emerging as cybercriminals develop new techniques and exploit vulnerabilities. Regularly updating antivirus software, practicing safe browsing habits, and keeping systems and applications patched can help protect against these threats.