Small businesses in Kenya and Nigeria vulnerable to cybercrime
As companies focus on post-COVID-19 recovery across the globe, small businesses in Kenya and Nigeria are facing another challenge: cybercrime.
According to Kaspersky, a global cybersecurity and digital privacy company headquartered in Russia, between January and April the number of password stealing ware detections in Kenya increased 16 percent to 12,639 compared to the same period in 2021.
In Nigeria, the number of detections in January-April, more than doubled from 1,076 in the same period last year to 2,654.
Password stealing ware is a type of malware that steals passwords, along with other account information, which then allows attackers to gain access to corporate networks and steal sensitive information.
The number of internet attacks in Kenya, specifically web pages with redirects to exploits, sites containing exploits and other malicious programs as well as botnet command and control centers, increased 47 percent. In 2021 88,455 infections were reported compared to 130,111 in the first four months of this year.
Nigeria reported a decreased number of internet attacks, from 99,146 infections in 2021 to 56,836 infections in the first four months of this year.
The West African country also reported increased attacks on Remote Desktop Protocol from 161,000 to 303,500, translating to a 89 percent increase. Kenya on the other hand reported decreased instances of Remote Desktop Protocol attacks.
Remote Desktop Protocol is a technology that enables computers on the same corporate network to be linked together and accessed remotely, even when employees are at home.
Denis Parinov, security researcher at Kaspersky, said due to the shift to remote work and the introduction of numerous advanced technologies in the daily operations of even small companies, security measures need to evolve.
"Cybercriminals are already way ahead of the curve, so much so that virtually every organization will experience a breach attempt at some point," he said.
"For small companies today, it's not a matter of whether a cybersecurity incident will happen but when. Having trained staff and an educated IT specialist is no longer a luxury but a must-have part of your business development."
