- ESET, a Slovakian internet security company, says state-sponsored cyber attacks targeting both government entities and the corporate sector in Africa and the Middle East are on the increase.
- Hackers, the firm notes, target ministries, critical infrastructure, military establishments and businesses in these regions.
- Even though cybercrime is worth billions of dollars, the company said attackers are not looking for financial gain but are exploiting information leading to database security vulnerabilities.
The growing cases of cyber attackers are becoming a major threat to businesses, organizations and governments. Today, these attacks take on a new dimension as states become the architects of some of these attacks.
“Governments are notorious for hiring hackers because data has become the new oil. The more data a country has on its allies or enemies, the more power it has, ”said Ken Kimani, director of the ESET East Africa channel.
“Without some sort of geopolitical consensus, it’s going to become much more difficult for cybersecurity experts to stop or regulate states or criminal groups that are effectively sheltered by the state.”
ESET, a Slovakian internet security company, says state-sponsored cyber attacks targeting both government entities and the corporate sector in Africa and the Middle East are on the increase. Hackers, the firm notes, target ministries, critical infrastructure, military establishments and businesses in these regions.
Even though cybercrime is worth billions of dollars, the company said attackers are not looking for financial gain but are exploiting information leading to database security vulnerabilities.
In 2019, 18 Kenyan government websites were attacked by cybercriminals, leaving homepages dysfunctional.
Government websites have been hacked by an Indonesian hacker group called ‘Kurd Electronic Team’. However, it is not clear whether it was state-run.
Some of the major websites whose operations have been affected include the online procurement platform operated by the National Treasury – Integrated Financial Management Information Systems (IFMIS), National Development Implementation and Technical Communication (NDICT ), National Youth Service (NYS) and National Environmental Management Authority (Nema).
Mr Kimani said attack campaigns use sophisticated multi-step approaches often described as Advanced Persistent Threats (APTs) that require “extensive reconnaissance and effort to remain hidden within networks for long periods of time. long periods of time, with an emphasis on cyber espionage or destructive attacks, designed for geopolitical purposes.
“With many vendors on the dark web now selling exploits and malware to state actors, it has become common to hear about some governments hiring independent hackers to help with certain campaigns,” he said. he adds.
According to ESET, governments around the world have always conducted offensive cyber operations, but these campaigns have grown in volume and impact.
The most famous is the Stuxnet Malware attack used by the US and Israeli governments against Iranian nuclear facilities in 2010.
Global cybercrime is estimated at billions of dollars a year and is becoming a fully functioning economy that generates the GDP of many countries, teeming with independent resources, knowledge and stolen data that many governments covet.
The industry-leading global IT security provider added that cyberspace now represents a new theater of war in which no country has yet agreed on terms of engagement.
“This has left a vacuum in which it is deemed acceptable by some nations to directly or indirectly sponsor economic espionage. It went even further: in some cases where organized cybercrime is allowed to do its own thing as long as its efforts are focused on rival nations, ”he added.
Cyber security attacks fell 49.7% in the three months to March to 28.2 million from 56.2 million in the quarter ended in December.
However, the Kenya Computer Incident Response Team National Coordination Center has warned that cybercriminals have developed powerful tools with the increase in technology adoption.