Connect with us

Africa

Backdoor malware in Africa spiked in Q2 2022

Published

on

  According to data from Kaspersky www Kaspersky co za Security Network for corporate users the amount of backdoor computer malware detected in the second quarter of 2022 in South Africa Kenya and Nigeria increased significantly compared to the previous quarter reaching new records and posing challenges cybersecurity professionals in companies and government agencies A backdoor is one of the most dangerous types of malware Backdoors provide cyber criminals with remote administration of the victim s machine Unlike legitimate remote administration utilities backdoors install launch and run invisibly without the user s consent or knowledge Once installed backdoors can be instructed to send receive execute and delete files collect sensitive computer data log activities and more Kaspersky recently discovered a hard to detect backdoor https bit ly 3K1GnTV called SessionManager that was targeting governments and NGOs around the world This backdoor was configured as a malicious module within Internet Information Services IIS a popular web server published by Microsoft SessionManager enables a wide range of malicious activities from email harvesting to full control of the victim s infrastructure First tapped in March 2021 this backdoor hit government institutions and NGOs in Africa South Asia Europe and the Middle East Many of the targeted organizations remain at risk South Africa saw the most significant increase in backdoor detections from Q1 to Q2 140 to 11 872 cases with the proportion of affected users increasing by 10 Nigeria followed Backdoor detection saw a significant increase from 83 to 2 624 cases and the proportion of affected users increased by 24 In Kenya the number of detections increased in the second quarter to 10 300 an increase of 53 from the first quarter and the proportion of users affected by backdoors increased by 11 Backdoors enable a series of long undetected cyber espionage campaigns that result in significant financial or reputational loss and can disrupt the operations of the victim organization Corporate systems must be constantly audited and carefully monitored for hidden threats says Dr Amin Hasbini Head of the Global Research and Analysis Team GReAT Middle East Turkey and Africa region at Kaspersky Gaining insights into active cyber threats is critical for companies to protect their assets and threat intelligence is the only component that can enable reliable and timely anticipation of complex backdoors Threat intelligence drives the Kaspersky Anti Targeted Attack platform which is an ultimate endpoint detection and response solution that provides all in one protection against complex and targeted attacks It gives cybersecurity teams complete visibility into network web email PCs laptops servers and virtual machines in public clouds To protect your organization from backdoors Kaspersky experts recommend Focus your defense strategy on detecting lateral movements and leaking data to the Internet Pay special attention to outgoing traffic to detect cybercriminal connections Back up your data regularly Make sure you can quickly access it in an emergency Use a solution like Kaspersky Anti Targeted Attack https bit ly 3dB4HQp with extended EDR at its core which helps identify and stop backdoor attacks in the early stages before attackers achieve their goals Use a trusted endpoint security solution such as Kaspersky Endpoint Security for Business KESB https bit ly 3QxuCH8 that works with exploit prevention behavioral detection and a remediation engine that can reverse malicious actions KESB also has self defense mechanisms that can prevent cybercriminals from removing it
Backdoor malware in Africa spiked in Q2 2022

1 According to data from Kaspersky (www.Kaspersky.co.za) Security Network for corporate users, the amount of backdoor computer malware detected in the second quarter of 2022 in South Africa, Kenya and Nigeria increased significantly compared to the previous quarter, reaching new records and posing challenges.

nigerian dailies today

2 cybersecurity professionals in companies and government agencies.

nigerian dailies today

3 A backdoor is one of the most dangerous types of malware.

nigerian dailies today

4 Backdoors provide cyber criminals with remote administration of the victim’s machine.

5 Unlike legitimate remote administration utilities, backdoors install, launch, and run invisibly, without the user’s consent or knowledge.

6 Once installed, backdoors can be instructed to send, receive, execute, and delete files, collect sensitive computer data, log activities, and more.

7 Kaspersky recently discovered a hard-to-detect backdoor (https://bit.ly/3K1GnTV) called SessionManager that was targeting governments and NGOs around the world.

8 This backdoor was configured as a malicious module within Internet Information Services (IIS), a popular web server published by Microsoft.

9 SessionManager enables a wide range of malicious activities, from email harvesting to full control of the victim’s infrastructure.

10 First tapped in March 2021, this backdoor hit government institutions and NGOs in Africa, South Asia, Europe, and the Middle East. Many of the targeted organizations remain at risk.

11 South Africa saw the most significant increase in backdoor detections from Q1 to Q2: 140% to 11,872 cases, with the proportion of affected users increasing by 10%.

12 Nigeria followed: Backdoor detection saw a significant increase from 83% to 2,624 cases, and the proportion of affected users increased by 24%.

13 In Kenya, the number of detections increased in the second quarter to 10,300 (an increase of 53% from the first quarter), and the proportion of users affected by backdoors increased by 11%.

14 “Backdoors enable a series of long-undetected cyber-espionage campaigns that result in significant financial or reputational loss and can disrupt the operations of the victim organization.

15 Corporate systems must be constantly audited and carefully monitored for hidden threats,” says Dr. Amin Hasbini, Head of the Global Research and Analysis Team (GReAT), Middle East, Turkey and Africa region at Kaspersky.

16 “Gaining insights into active cyber threats is critical for companies to protect their assets, and threat intelligence is the only component that can enable reliable and timely anticipation of complex backdoors.

17 Threat intelligence drives the Kaspersky Anti Targeted Attack platform, which is an ultimate endpoint detection and response solution that provides all-in-one protection against complex and targeted attacks.

18 It gives cybersecurity teams complete visibility into network, web, email, PCs, laptops, servers, and virtual machines in public clouds.” To protect your organization from backdoors, Kaspersky experts recommend: Focus your defense strategy on detecting lateral movements and leaking data to the Internet.

19 Pay special attention to outgoing traffic to detect cybercriminal connections.

20 Back up your data regularly.

21 Make sure you can quickly access it in an emergency.

22 Use a solution like Kaspersky Anti Targeted Attack (https://bit.ly/3dB4HQp) with extended EDR at its core, which helps identify and stop backdoor attacks in the early stages, before attackers achieve their goals .

23 Use a trusted endpoint security solution, such as Kaspersky Endpoint Security for Business (KESB) (https://bit.ly/3QxuCH8) that works with exploit prevention, behavioral detection, and a remediation engine that can reverse malicious actions .

24 KESB also has self-defense mechanisms that can prevent cybercriminals from removing it.

shopbet9jaoldmobile