Markets across Africa are evolving, possibly more rapidly than ever before in history, and this is largely due to continuous advances in and the growing uptake of digital technology. In commemorating Africa Industrialisation Day and the 2019 theme of ‘Inclusive and sustainable industrial development’, Kaspersky experts share their views on two pillars crucial to digital transformation in African economies – and where vulnerabilities need to be addressed if the promise of digital inclusivity is to be achieved and sustainably maintained in the long-term.
According to Riaan Badenhorst, General Manager for Kaspersky in Africa, “We undeniably live in a changing digital world. And, digital technologies allow forward-looking Governments and businesses, alike, to reprioritise what have been persistent challenges similarly faced in many African markets and, through innovation, turn these into opportunities – for investment, development and growth – to address largely untapped market demand. However, we must also be conscious that with embracing digital transformation – to charge the next wave of industrial and inclusive development – comes a hidden load of threats and challenges.”
Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa agrees and explains that: “Digital disruption and technology adoption is certainly already having an impact across many regions in Africa and such trends will continue to play significant roles in shaping not only fixed infrastructures and services within connected cities, but also how things are made, how businesses operate, and how citizens will make and spend money, entertain themselves and engage with the world around them, well into the future.”
“However, we must be cognisant of the fact that threats are just as prevalent – in number, design and severity – as we transition through what is being dubbed the Fourth Industrial Revolution. And, as the world we live in evolves and becomes ultra-connected, we need to change our approach to how we protect literally everything around us. What we build and adopt today, and tomorrow, must become secure-by-design,” adds Opil.
Industrial networks are increasingly coming under fire
Digitalisation and adoption of Industry 4.0 standards are in the pipeline for many industrial networks. In fact, globally, 81% or organisations see operational network digitalisation as an important or very important task. “The challenge, however, is that for all the benefits that connected infrastructure brings, there are associated cybersecurity risks,” says Badenhorst.
Despite automation, the human factor can still put industrial processes at risk, where employee errors or unintentional actions were behind 52% of incidents affecting operational technology and industrial control system (OT/ICS) networks last year.
“Over and above the potential of human error, however, targeted cyber attacks on industrial control systems is also an increasing challenge in Africa. And this has included cyberattacks on critical and service infrastructure systems, such as power and water utility services to dam control facilities, or even water treatment facilities, for example,” says Badenhorst.
“Threats of malware, ransomware, and even advanced persistent threats remains as powerful as ever. We are seeing that larger organisations, such as city authorities and enterprises, are the fastest growing targets for such attacks – and what’s concerning is that in many cases the owners are not aware that their facilities are exposed to cyber risks and hacking. And, in reality, the more complex and connected industrial infrastructures become, the more advanced protection these networks demand. Countering modern cyberthreats to critical and civil service infrastructures requires a 360-degree view of the threats and actors – and implementing the right defence solutions and programmes that help maintain immunity to even previously unseen threats,” says Badenhorst.
Consumer purses are still being stalked
“Fintech is a real phenomonem in Africa,” states Opil. “Advances in Fintech bolster the promise of inclusion in financial markets by creating more widespread access, and therein more financial freedom for citizens.”
Fintech markets across Africa experienced a massive surge in growth in the last two years and the continent is now home to 491 Fintech startups. From these developments, Africa already has 122 million active users of mobile financial services – more than half of the global total – and with ongoing expansions of the mobile money value proposition and reforms underway in three of Africa’s most populated countries – Nigeria, Ethiopia and Egypt – this could lead to over 110 million new active mobile money accounts in the next five years.
“However, with more pervasive access and activity comes increased threats, as our research shows that malware designed to steal credentials and money from users’ bank accounts is on the rise,” says Opil.
Kaspersky research highlights that mobile banking Trojans are one of the most rapidly advancing, flexible and dangerous types of malware. These Trojans usually steal funds directly from mobile users’ bank accounts, but sometimes their purpose is changed to steal other kinds of credentials.
The malware generally looks like a legitimate app, such as a banking application – and when a victim tries to reach their genuine bank app, the attackers gain access to that too.
“Fintech – and the promise of access and financial freedom it enables – represents such an important evolution for African markets – and the rapid rise of mobile financial malware is a real threat to this promise. Fintech markets will undoubtedly continue to grow and coupled with this; we need to see some reforms put in place – whether lead by Governments, financial services providers or both – that will ensure proper defense mechanisms are being built into these services, as a standard, to better protect users against a data breach,” says Opil.
As all market indicators show, attacks on critical infrastructure, industrial and financial systems will remain major threats faced by a number of emerging nations in Africa – and that the attack methods, tools and techniques will continue to grow in number, type and sophistication.
“For this reason, and in this ever-changing digital world – and the evolving threat landscape it has birthed – we at Kaspersky believe that the concept of cybersecurity will soon become obsolete, and cyber-immunity will take its place. The notion of cyber-immunity is about developing an ecosystem where everything connected is protected, where all systems, devices and services are secure-by-design. And, this should be the goal post for building digitally transformed, inclusive and sustainably secure connected markets in Africa,” concludes Badenhorst.