According to data from Kaspersky (www.Kaspersky.co.za) Security Network for corporate users, the amount of backdoor malware detected in the second quarter of 2022 in South Africa, Kenya and Nigeria increased significantly compared to the previous quarter, reaching new records and posing challenges for cybersecurity professionals in companies and government agencies.
A backdoor is one of the most dangerous types of malware.
Backdoors provide cyber criminals with remote administration of the victim’s machine.
Unlike legitimate remote administration utilities, backdoors install, launch, and run invisibly, without the user’s consent or knowledge.
Once installed, backdoors can be instructed to send, receive, execute, and delete files, collect sensitive computer data, log activities, and more.
SessionManager enables a wide range of malicious activities, from email harvesting to full control of the victim’s infrastructure.
First used in March 2021, this backdoor hit government institutions and NGOs in Africa, South Asia, Europe, and the Middle East. Many of the targeted organizations remain at risk.
South Africa saw the most significant increase in backdoor detections from Q1 to Q2: up 140% to 11,872 cases, with the proportion of affected users increasing by 10%.
Nigeria followed: backdoor detections increased by 83% to 2,624 cases, and the proportion of affected users increased by 24%.
In Kenya, the number of detections increased in the second quarter to 10,300 (an increase of 53% from the first quarter), and the proportion of users affected by backdoors increased by 11%.
“Backdoors enable a series of long-undetected cyber-espionage campaigns that result in significant financial or reputational loss and can disrupt the operations of the victim organization.
Corporate systems must be constantly audited and carefully monitored for hidden threats,” says Dr. Amin Hasbini, Head of the Global Research and Analysis Team (GReAT), Middle East, Turkey and Africa region at Kaspersky.
“Gaining insights into active cyber threats is critical for companies to protect their assets, and threat intelligence is the only component that can enable reliable and timely anticipation of complex backdoors.
Threat intelligence drives the Kaspersky Anti Targeted Attack platform, which is an ultimate endpoint detection and response solution that provides all-in-one protection against complex and targeted attacks.
It gives cybersecurity teams complete visibility into network, web, email, PCs, laptops, servers, and virtual machines in public clouds.”

To protect your organization from backdoors, Kaspersky experts recommend:

Focus your defense strategy on detecting lateral movement and data leaking to the Internet. Pay special attention to outgoing traffic to detect cybercriminal connections.
Back up your data regularly. Make sure you can quickly access it in an emergency.
Use a solution like Kaspersky Anti Targeted Attack (https://bit.ly/3dB4HQp) with extended EDR at its core, which helps identify and stop backdoor attacks in the early stages, before attackers achieve their goals.
Use a trusted endpoint security solution, such as Kaspersky Endpoint Security for Business (KESB) (https://bit.ly/3QxuCH8), that works with exploit prevention, behavioral detection, and a remediation engine that can reverse malicious actions.