Around 29% of corporate users in Kenya experienced financial malware attacks in the first half of 2021, according to Kaspersky’s research
“As local businesses have continued to adjust to remote work scenarios and the rest of the circumstances surrounding the COVID-19 pandemic, we have continued to witness cybercriminals using this to their advantage, exploiting the situation however they can. When looking at such statistics, we believe it is evident that cybercriminals are more commonly targeting unsuspecting corporate users in Kenya as a way to compromise corporate systems,” said Bethwel Opil, enterprise sales manager at Kaspersky in Africa.
According to the report, organisations in Kenya have become susceptible to financial malware as more employees work outside the relative safety of the corporate network. The normalisation of a distributed workforce makes ensuring the protection of the personal endpoint devices of people, who need to access back-end systems to continue performing their job functions, that much more critical.
In addition to securing these devices, cybersecurity training of employees remains a key component to defend against the growing scourge of financial malware that uses phishing techniques to target individual users.
Some of the best practice that must be employed include having employees only install applications from reliable sources, such as official app stores. Even so, they must always examine the permissions the application requests. If these permissions do not match the intended function of the programme, then it must be questioned and brought to the attention of the IT administrator.
Beyond the fundamental cybersecurity solutions and training, companies must also consider using the likes of anti-advanced persistent threat (APT) and endpoint detection and response (EDR) technologies to further shore up the defensive posture of their network environment.