As Africa’s digital transformation continues to grow, the continent is at risk of cyber threats. With more Africans and businesses embracing digital technology, the dark side to this growth is the rise in digital fraud which comes with a heavy cost. An IDC report, ‘The Impact of Cyber Extortion on Africa’, stated that Africa is losing $4 billion annually to cybercrime.
Meanwhile, experts predict that there will be more troubles for Africa’s cybersecurity sector in 2023. This means that African businesses can no longer ignore the risks posed by cyber threats and vulnerabilities.
A 2022 survey found that 52% of companies in Africa believed they were unprepared to handle a large-scale cyberattack and became grimmer to find out that 90% of African businesses lacked proper cybersecurity practices, according to Interpol’s Africa Cyberthreat Assessment Report.
Hence, the continent becomes a “soft underbelly” for cybercriminals to target. For context, Africa was the most cyber-attacked continent globally in 2022. To understand the top cybersecurity predictions for Africa in 2023, Technext spoke to some experts.
Increase in ransomware and phishing attacks
As more small and medium enterprises (SMEs) in Africa go digital and the demand for online services from Africans ramp up, there will be an increase in ransomware and phishing attacks.
“There are going to be more cyber attacks on African businesses in 2023. Ransomware and phishing services are quite cheap on the internet. Combine that with the current harsh economic condition which has forced some people to resort to cybercrime as a potential alternative to make ends meet,” Jaco Nel, Chief Technology Officer at Deimos, a cloud technology company that protects some of Africa’s most prominent businesses, told Technext.
Kostiantyn Omowale Naryzhnyi, the managing director and founder of E-Discovery, a Lagos-based cybersecurity company, said that most cyberattacks come within the affected companies, stressing the need for African businesses to strengthen their cybersecurity strategy.
Read also: Acronis report reveals the average cost of data breaches will surpass US$5 million per incident in 2023.
Mobile devices face unique cyber risks
According to Nel, there will be increased attacks on mobile devices as more cybercriminals will utilize mobile devices to access people’s data and critical systems.
For one, the rise in mobile phone penetration in Africa has birthed growing mobile security threats, some of which are tied to the security standard of phones shipped to the continent. According to cybersecurity firm Kaspersky, South Africa, Kenya, and Nigeria, in particular, are seeing an increase in mobile phone malware. It is estimated that one in nine Android mobile phones in Nigeria has malware-infected applications.
More attacks caused by misconfiguration
“Last year, we saw significant security breaches due to misconfiguration. One of the common examples is when you unknowingly make your database available to the public or you place your servers in a network that is accessible by just anyone. Or you just accidentally delete your firewall that suddenly allows anyone from any computer to gain access to your systems. Misconfiguration is definitely one of the key things that we often see in the cloud space,” Nel said.
Lack of cybersecurity talent
“Finding people with the right skills and competence to handle cybersecurity threats is difficult and will even get more difficult in 2023,” according to Nel.
One of the biggest problems facing Africa’s cybersecurity sector is the lack of talent. In 2018, the estimated number of certified security professionals in Africa was 7,000 out of a population of about 1.26 billion. It gets worse when you realize that the continent faces a growing 100,000-person gap in certified cybersecurity professionals.
Nel added, “With more individuals and businesses becoming more aware of the importance of cybersecurity, the existing limit pool of talent will dry up quickly.”
Interestingly, this is even a global issue. Due to the trend of remote jobs, countries and companies have serious competition in getting talent, E-Discovery’s Naryzhnyi said.
Despite this grim situation, African governments appear to be doing little to address the continent’s cybersecurity concerns. “Africa’s levels of commitment to cybersecurity – as well as capacity for response to threats – remain low compared to other continents,” the International Telecommunication Union’s (ITU) ranking on national global cybersecurity efforts said. A recent report by Global Cybersecurity Index showed that only 29 of 54 African countries assessed had introduced cybersecurity legislation.
For Naryzhnyi, Africa needs better policies and measures to address cybersecurity threats. In the same vein, Nel further argues for the need for African governments to invest in getting talent in the continent’s cybersecurity space.
“It is important we invest in the necessary education to be able to dramatically increase the number of cybersecurity engineers and professionals available on the continent. Though governments can’t do this alone, it is important that they support businesses to build a pipeline of talent,” he said.
Read also: Cybersecurity and Risk Mitigation: Collaboration is the Only Way Out By Austin Okere.
Get the best of Africa’s daily tech to your inbox – first thing every morning.
Join the community now!