At the 25th Cyber Security Summit South Africa in Johannesburg, Kaspersky highlighted critical cybersecurity threats impacting businesses and shared strategies to mitigate risk exposure. According to Kaspersky’s latest IT Security Economics report, South African organisations experienced an average of 19 cybersecurity incidents annually. This underscores the urgent need for robust security measures in an evolving digital landscape.
Key statistics on cyber threats
In 2024, Kaspersky detected 467,000 malicious files daily, marking a 14% increase compared to 2023. South Africa saw 34.2% of users encounter web-borne threats, while banking and financial malware surged by 34%, posing severe challenges for institutions and consumers. Other alarming trends include:
- Password stealer detections rising by 14%, increasing identity theft risks.
- Exploit attacks up by 55%.
- Backdoor attacks spiking by 42%, enabling persistent system access.
Crimeware ecosystem: a global and regional threat
Cybercriminals are adopting a multi-platform approach, expanding operations across regions. The Grandoreiro banking trojan, initially targeting Latin America, now impacts Asia and Africa. In 2024, this trojan targeted over 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries, including South Africa and other African nations like Nigeria, Kenya, and Ghana.
Emerging threats: AI-enhanced attacks & cloud vulnerabilities
Kaspersky experts identified several growing concerns:
- AI-powered cyber threats: Attackers leverage AI for phishing scams, malware development, and automation to execute sophisticated attacks.
- Cloud security risks: As businesses adopt cloud-based services, misconfigurations and inadequate security measures lead to increased data breaches.
- Human error & social engineering: Techniques such as phishing and deepfakes exploit human vulnerabilities, making employee training essential.
Proactive solutions for businesses
To combat these threats, Kaspersky recommends:
- Threat intelligence gathering: Tailored to industry-specific risks.
- Advanced security solutions: Implement tools like Kaspersky Next for comprehensive protection.
- Employee training: Address human error through cybersecurity awareness programmes.
- Regular assessments: Conduct penetration testing to identify vulnerabilities before exploitation.
Dmitry Berezin, Global Security Solutions Expert at Kaspersky, emphasised the need for a comprehensive security strategy combining robust IT solutions, employee education, and threat intelligence. He stated:
“With the rise of AI-assisted cybercrime and increasingly targeted attacks on businesses, decision-makers must integrate intelligence-driven security measures to protect assets, customers, and reputation in a hostile digital landscape.”
The Cyber Security Summit South Africa served as a critical platform for addressing pressing cybersecurity challenges. With threats like AI-enhanced attacks and cloud vulnerabilities on the rise, businesses must adopt proactive measures to safeguard their operations in an increasingly complex digital environment.
