Breaking cybersecurity news, news analysis, commentary, and other content from around the world, with an initial focus on the Middle East & Africa and the Asia Pacific
Nigerian Businesses Face Growing Ransomware-as-a-Service Trade
Infosec advocacy group warns that poor patching practices and reliance on cracked software increases risk.
January 19, 2024
Ransomware-as-a-service looks set to fuel an increase in cyberattacks in Nigeria in the coming year, even as operational disruptions and recovery efforts already cost billions of Nigerian naira, or millions of US dollars, in 2023.
The National Cyber Threat Forecast 2024 from the Cyber Security Experts of Nigeria (CSEAN), a nonprofit championing cybersecurity awareness in Nigeria, reports that ransomware groups and other malware variants — such as ALPHV, 0XXX Virus, DJVU, and the Cobalt Strike exploit toolkit — affected big swathes of both public- and private-sector organizations in the African country in 2023.
For example, one "notable regulatory agency" fell victim to the Mallox ransomware, "exploiting a Microsoft vulnerability in their public-facing digital systems," the study noted, although there was no detail on which agency it was.
Ransomware-as-a-Service
Ransomware-as-a-service (RaaS) is a business model where ransomware developers sell or lease their variants to other cybercriminals, known as affiliates, who do the grunt work of planting malware by either exploiting software vulnerabilities or phishing.
RaaS allows would-be cybercriminals to launch sophisticated cyberattacks, according to the report. "Factors like the use of outdated or unpatched software and systems, reliance on cracked software, insufficient proactive monitoring, and unaddressed security vulnerabilities contributed to the success of these attacks," CSEAN noted. "The accessibility of ransomware-as-a-service and the success of previous campaigns suggest a persistent and growing threat."
Potential mitigations in the face of an increased threat of ransomware attacks include prompt patching, avoiding unauthorized software and rolling out stronger monitoring practices through intrusion detection systems.
"Adopting these proactive cybersecurity measures is essential to lessen the anticipated impact of the expected surge in ransomware attacks," according to CSEAN.
CSEAN is not the first cybersecurity organization to report that Nigeria has become a hub of ransomware attacks. During the first half of 2023, Nigeria saw a 7% increase in ransomware attack attempts on individual and corporate users compared with the first half of 2022, according to a recent study by Kaspersky. Seventy-one percent of Nigerian organizations were hit by ransomware in 2021, up from 22% recorded a year earlier, Sophos reported.
Kim Wiles, senior product manager at Nominet, says that due to the nature of RaaS, there are no national boundaries and, in many cases, no limitations on who the threat actors can target.
"It's easy to scan the Internet and find potential victims," Wiles says. "Companies and countries that haven't kept their software and infrastructure up to date are always going to be more prone, and online government assets will continue to be vulnerable to common exploits."
AI-Powered Scams
Besides ransomware, other cyberthreats are on the rise in Nigeria. For instance, managed security service providers and security operations centers were targeted by malware variants like RedLine, Raccoon, and Lumba. These threats are likely to continue and escalate over the next 12 months, according to CSEAN.
Attackers are also abusing AI tools to create more effective attacks with the least possible effort. "This will manifest in more personalized phishing attacks, personalized malware, automated large-scale attacks, and sophisticated social engineering attacks," the CSEAN report claimed.
James McQuiggan, security awareness advocate at KnowBe4, says the advent of AI has ushered in an increased sophistication and volume of phishing attacks, partly because it automates the process of creating convincing scams.
"Generative AI also lowers the technical barrier to creating convincing profile pictures, impeccable text, and even malware," he says.
Addressing the complex cybersecurity challenges necessitates a "proactive and comprehensive approach" and a commitment to cybersecurity best practices, the report concluded. "Collaboration between public and private sectors, the adoption of updated computing resources, and a commitment to cybersecurity best practices are imperative."
Read more about:
DR Global Middle East & AfricaAbout the Author
You May Also Like