Kenyans have been alerted to the increasing risk of devastating cyberattacks as attackers shift their focus towards high-profile victims rather than those with lower business turnovers.
The 2023 Annual Cybersecurity Report, released last week by researchers from Trend Micro, highlights this change in tactics. The report notes that cybercriminals are now prioritizing quality over quantity, aiming for higher returns by targeting fewer, more valuable entities in Kenya.
“The nature of these attacks has evolved, becoming more sophisticated and harder to detect,” notes the study in part.
According to Trend Micro, a global cybersecurity platform, the online criminals are on the prowl in Kenya notwithstanding arrests and convictions that have been reported in the media.
“We blocked approximately 37 million email threats and over half a million malicious Uniform Resource Locators (URLs) in the country,” says Gareth Redelinghuys, Country Managing Director for the African Cluster at Trend Micro.
During the same period, more than one million malicious attacks on mobile apps used by Kenyan businesses and consumers were also blocked. This shift indicates that cybercriminals are opting for quality over quantity, seeking higher returns from fewer, more valuable targets.
“Our latest data shows that threat actors are fine-tuning their operations, shifting away from large-scale attacks, and instead focusing on a smaller range of targets but with higher victim profiles for maximum gain with minimum effort,” noted Redelinghuys in a statement to the media.
To achieve their destructive schemes, cybercriminals are employing advanced techniques like Living-Off-The-Land Binaries and Scripts, which use non-malicious files native to operating systems to camouflage their activities.
The 2023 Annual Cybersecurity Report from Trend Micro highlights several key trends:
Advanced Techniques: Cybercriminals increasingly use sophisticated methods, including Living-Off-The-Land Binaries and Scripts, to evade detection. These techniques involve using benign files inherent to operating systems to hide malicious actions.
Global Ransomware Trends: Ransomware detections have significantly dropped from 2021 to 2023, averaging less than half the detections recorded in 2020. This indicates a shift in attack strategies, with attackers focusing on high-value targets instead of mass attacks.
Trojan FRS Threats: There has been a global increase in Trojan FRS threats, suggesting that attackers are becoming more adept at bypassing initial detection measures. In 2023, several ransomware families exploited remote and intermittent encryption and unmonitored virtual machines to bypass Endpoint Detection and Response (EDR) systems. By encrypting less of each file's content, these attacks minimize the chance of triggering detection mechanisms.
Ransomware Groups: Prominent ransomware groups like Clop and BlackCat were particularly active last year. Clop exploited major vulnerabilities, while BlackCat launched a new variant and leveraged regulatory requirements to pressure victims into quicker responses.
Email Threats in Kenya: Email threats in Kenya have shifted towards more sophisticated methods. Although email threat detections decreased from over 66 million in 2021 to 37 million in 2023, there was a rise in malware detections.
This suggests a strategic shift by attackers, who are now conducting more targeted operations, such as Business Email Compromise (BEC) schemes designed to appear legitimate and evade scrutiny.
Overall, the report underscores a strategic shift by cybercriminals towards fewer, more valuable targets and the use of advanced techniques to evade detection, posing a significant threat to high-profile entities in Kenya.
“IT leaders must refine their processes and protocols to combat these persistent and increasingly sophisticated attacks with efficiency,” urged Zaheer Ebrahim, Solutions Architect for the Middle East and Africa at Trend Micro.
“As attacks become more difficult to detect, the cost of successful breaches will rise,” added Zaheer.
Kenya, through the Computer Misuse and Cybercrimes Act, protects its citizens from all kinds of online harassment.