Africa Grapples With Escalating Cyber Threats

AFRICA is facing a growing cyber threat as sophisticated malware continues to target the continent’s critical infrastructure and digital systems. A recent report by Check Point Software Technologies, a global leader in cybersecurity solutions, highlights the alarming rise in attacks, with Ethiopia emerging as the most targeted country globally in November.

The report underscores the surge of Androxgh0st, a highly evolved botnet now integrated with the infamous Mozi malware. This cyber weapon is designed to exploit vulnerabilities across platforms, including Internet of Things (IoT) devices, web servers, and essential infrastructure.

Africa at the epicentre of cyber threats

Among the top 20 countries targeted by malware in November, seven are from Africa. Ethiopia leads with the highest normalised risk index, followed by Zimbabwe (4th), Uganda (9th), Angola (10th), Ghana (13th), Nigeria (19th), and Kenya (20th). South Africa, once a prominent target, now ranks 67th.

These attacks are not just numbers on a chart. They threaten critical systems like energy grids, healthcare networks, and transportation hubs, which are vital to national stability. A successful attack on such infrastructure can lead to widespread chaos, financial losses, and even risks to public safety.

The Androxgh0st threat

Androxgh0st has emerged as the most prevalent malware globally, impacting 5 percent of organisations. This botnet exploits unpatched vulnerabilities to infiltrate systems, steal credentials, and maintain persistent access. It uses tactics adopted from Mozi to target IoT devices and critical infrastructure components, enabling malicious activities such as Distributed Denial-of-Service (DDoS) attacks and data theft.

‘Androxgh0st’s evolution shows how cyber criminals are constantly refining their tactics,’ said Maya Horowitz, VP of Research at Check Point Software. ‘Its integration with Mozi has significantly expanded its capabilities, making it a formidable threat to global security.’

Mobile malware: a growing concern

Mobile devices are also under siege. Joker spyware, which targets Android devices, remains the most prevalent mobile malware. It silently steals SMS messages, contact lists, and device information while enrolling users in premium services. Anubis, another major threat, has evolved into a banking Trojan with ransomware functionality, keylogging, and remote access capabilities. Necro, an Android Trojan dropper, further complicates the landscape by downloading additional malware and pushing intrusive ads.

Key sectors under attack

Globally, the education and research sector remains the most attacked industry, followed by communications and government/military sectors. Ransomware groups are also intensifying their activities. RansomHub, responsible for 16 percent of recent attacks, employs advanced encryption to target systems. Akira and KillSec3 are other notable ransomware groups wreaking havoc.

Implications for Africa

The prevalence of malware in Africa highlights the continent’s growing digital footprint and the accompanying vulnerabilities. Many African countries are rapidly digitising essential services, but cybersecurity measures often lag behind. This gap makes them attractive targets for cybercriminals.

The impact of these threats extends beyond financial losses. Disruptions to healthcare systems, power grids, and transportation networks can result in life-threatening situations. Governments and businesses across the continent are being urged to prioritise cybersecurity investments, from advanced threat detection systems to workforce training and education.

A call to action

The rise of sophisticated threats like Androxgh0st is a wake-up call for the global community. Cybersecurity must become a top priority for governments, businesses, and individuals. Experts recommend proactive measures such as patching vulnerabilities, implementing multi-layered security, and conducting regular security audits.

Maya Horowitz summarised the stakes succinctly: ‘Organisations must adapt quickly and implement robust security measures to neutralise advanced threats before they cause significant damage.’

Africa’s growing prominence in the digital space makes it both an economic powerhouse and a target for malicious actors. To stay ahead, robust cybersecurity strategies must become as integral as the infrastructures they aim to protect.