Insiders remain one of the key threats to corporate cybersecurity in East Africa

The number of insider-related cybersecurity incidents in East Africa has increased by 55 percent in the last three months as most companies lacking active monitoring of their IT infrastructure transitioned to remote work occasioned by the COVID-19 pandemic.

According to Dimension Data, the sudden spike has resulted from attackers taking advantage of publicly available weak systems and most security controls designed to monitor and capture activities failing to keep up as they are intended for traditional on-premise infrastructure thereby leaving security control gaps as more employees remotely connect to company resources from mobile devices and external networks. The Financial Services Industry (FSI) remains the most targeted sector because of the immediate monetary gain.

Speaking during the launch of Dimension Data Intelligent Security business in East Africa, the unit's Head - Ishmael Muli said although insider threats are largely attributed to malicious employees and contractors, statistics from the company's Threat Intelligence Centre shows that most incidences in the region originate from employee negligence and other close associates ignoring corporate cybersecurity policies, misuse data, and install unauthorized applications among others.

Dimension Data's Intelligent Security unites all the capabilities and security offerings previously managed by its subsidiary brands Dimension Data East Africa and Internet Solutions into one business and will offer world-class solutions from global partner NTT Ltd. whilst developing locally relevant solutions tailored for protecting organizations in East Africa.

"Across East Africa, we are seeing insiders take advantage of organizations that lack visibility or the ability to investigate successful cyberattacks due to limited access controls to detect unusual activity once someone breaches their network. Some of these attacks involve manipulation of transactional data, tampering of logs to limit tracing, as well as framing legitimate users - all of which make forensic investigations difficult," Muli said.

“Cybersecurity plays a critical role in any business within emerging markets like Kenya. We’ve built Dimension Data Intelligent Security to ensure that we offer world-class solutions to our clients while making sure they suit the unique needs of our clients operating within these markets. Further to this, we have plans to focus on local skills development specifically in the threat intelligence space,” he added.

Current attacks within East Africa are being linked to hackers employing smarter methods to distribute their server networks and occasionally purchasing command and control systems in other countries, with traffic being routed through myriad systems making it difficult to trace its origin.

According to the Communication Authority (CA) Annual Report 2018/2019, malware attacks were the most prevalent threats accounting for approximately 78 percent of all cyber threat detections by the National Kenya Computer Incident Response Team - Coordination Centre (National KE-CIRT/CC). Web application attacks and botnet/denial of service threats accounted for approximately 11% and 9% percent respectively of detected cyber threats.

The first half of the year has also seen an increase in reconnaissance attacks accounting for 40 percent of all observations in the Middle East and Africa (MEA) region according to NTT Ltd. Global Threat Intelligence Report 2020. A rise in Web Application attacks on common Content Management Systems (CMS) such as Joomla and WordPress accounted for over 20 percent of observed attacks. Whilst service-specific attacks increased by 40 percent targeting known vulnerabilities that may have remained largely unaddressed by various organizations.

The current COVID-19 crisis has seen an upsurge use of technology as many companies adopt work from home and bring your own device policies, increasing organizational risk as cybersecurity etiquette shifts to end-users. As a result, the most prevalent attacks include phishing and social engineering.

With the trend set to continue as the volume of information insiders’ access, store and transmit rises – and remote working becomes the status quo, Muli advised organizations to invest in threat intelligence services to gain regular visibility of what is happening in their internal networks - to automatically detect and remediate stealthy attacks that would otherwise be missed. He urged organizations to conduct insider risk assessments on their critical business functions that could be leveraged by Insiders for fraud.

"Moving forward, cybercriminals will increasingly automate cyberattacks. This requires organizations to automate a lot as well with intelligence analysis and orchestration tools, especially in terms of incidence response, to reduce the average remediation time. The future is going to be all about how to recover fast from an attack as networks, systems, and processes get more sophisticated for integration," Muli emphasized.

Dimension Data’s global integration with NTT Ltd. allows for Dimension Data Intelligent Security to provide its clients with solutions that protect their businesses from noted threats all over the globe and harness key innovations from international markets. At the same time, Dimension Data Intelligent Security is investing heavily in research to develop solutions offerings that speak directly to the pricing, scaling, and security needs of local businesses.