Cyber Threats in South Africa 2023: Ransomware, AI and Emerging Risks

Trend Micro Incorporated recently published its Midyear Cybersecurity Threat Report for 2023, shedding light on the increasingly complex cybersecurity landscape in South Africa. The report unveils a comprehensive analysis of the threats faced by both businesses and consumers, with a focus on malicious activities between January and June 2023.

The Numbers Speak Volumes

During this six-month period, Trend Micro’s vigilant efforts thwarted an astounding 86 million email threats, nearly four million malicious URLs, and over 4,000 malicious mobile apps aimed at South African targets. These staggering statistics serve as a grim reminder that the threat landscape continues to grow more sophisticated, necessitating proactive and holistic security solutions.

Ransomware Evolution

The Midyear Report spotlights the persistence of ransomware as a major challenge for local businesses. In June alone, there were close to 2,500 ransomware detections. However, it’s not just the volume but the evolving tactics that are a cause for concern. Researchers unveiled a new ransomware strain, known as ‘Mimic,’ which deploys legitimate search engine tools to identify and encrypt files. This discovery suggests possible collaboration between Mimic and the infamous Conti ransomware group, with criminals sharing knowledge to optimise their operations.

Furthermore, ransomware actors are diversifying their tactics, shifting their focus to areas like cryptocurrency theft and business email compromise (BEC). This change in strategy is indicative of their adaptability and constant quest to maximise their criminal activities.

AI-Powered Threats

In the first half of 2023, a notable trend emerged: cybercriminals harnessing AI to carry out virtual crimes with greater efficiency. This development not only affects businesses in South Africa, many of which have incorporated AI into their operations but extends to a global scale. Malicious actors are employing AI to impersonate real individuals, giving rise to scams like virtual kidnapping. In virtual kidnapping scenarios, criminals create deepfake voices to convince victims that they hold their loved ones hostage, pressuring them into paying large ransoms.

The use of AI is also facilitating criminals in automating data gathering, forming target groups, and identifying vulnerable behaviours. This advancement is particularly dangerous in the context of ‘whaling’ and ‘harpoon whaling‘ attacks. Whaling involves deceiving executives and directors through phishing campaigns, while harpoon whaling requires extensive research on targeted individuals. AI tools now enable criminals to craft convincingly human-like text, making it easier to target a wider pool of high-profile victims.

Innovative Threats

As technology innovations progress, threat actors are constantly discovering new ways to target victims. For instance, connected cars with over 100 million lines of code present both convenience and opportunities for hackers. Cybercriminals can gain access to user accounts, enabling them to locate, break into, and even sell the car’s parts or target the owner’s home address for burglary. A similar scenario unfolds with smart home networks, which have witnessed significant adoption in South Africa. Trend Micro detected over one and a half million inbound smart home network attacks in the first half of 2023.

Additionally, threat actors have started exploiting vulnerabilities in smaller platforms for more specific targets. These include file transfer service MOVEit, business communications software 3CX, and print management software solution PaperCut.

The Need for Proactive Measures

Zaheer Ebrahim, Solutions Architect, Middle East and Africa at Trend Micro, underscores the necessity for local businesses to comprehend these evolving threats. With hackers employing increasingly sophisticated tactics, it is imperative for defenders to stay ahead in the cybersecurity game. Awareness of these threats is the first step in making informed decisions and implementing proactive measures.

To delve deeper into the comprehensive insights provided by Trend Micro’s 2023 Midyear Cybersecurity Threat Report, you can access the full report here.

Featured image by Vecteezy

Reframed is your trusted source for in-depth insights into the ever-evolving world of technology. We delve into the business and culture of technology and the impact it has on life, culture, society and the way in which we work and communicate.