Software firm says crime targeting mobile phones on the rise
By Brian Yatich
The growth of the internet and digital platforms have triggered a wave of cyber-crime in recent years.
Enterprises are faced with this unprecedented challenge and organisations are increasingly looking for expert service providers who can help their businesses to stay on top of the threat.
It is against this backdrop that Check Point Software Technology, a global cyber security vendor, decided to set up office in East Africa to curtail this scourge.
“More than 2 million people in East Africa were affected by cyber-crime last year,” says Duncan Andenga, East Africa Country Manager for Check Point Software Technologies.
At the beginning of this year, Checkpoint Technologies released a global threat index showing a breakdown of new and prevalent threats, as well as relative rankings of countries at risk globally in real-time.
The report shows how developing African nations are highly represented in the upper rankings of the index with Nigeria among the worst affected with a handful of other African countries with Uganda and Malawi in second and fourth spots respectively.
In stark contrast, Kenya improved its ranking by 24 places, moving down from position 45 at the end of 2015 to position 69 at the end of the quarter.
Andenga says most of the East and West African countries’ worsening rankings may be due to a dramatic increase in threats targeting mobile devices, while Kenya’s improvement could reflect a growing maturity in security awareness.
“It’s not immediately clear why the East and West African hubs are experiencing such different moves in terms of cyber-attacks, and we are generally seeing a lot of volatility every month in different countries on the index. But this quarter, mobile malware was ranked as one of the 10 most prevalent attack types affecting corporate networks and devices for the first time ever,” he says.
The company uses “Threat Map”, a detector intelligence chart conveying threat data and attack trends from a global network linked up by sources of the largest collaborative cyber networks.
“The ThreatCloud is a database that holds over 250 million addresses and it traces over 11 million malware signatures and over 5.5 million infected websites and identifies millions of malware types daily which it then reflects on our radar,” he says.
Andenga points out that along with the gradual change in classification and nature of computing and computers, the continued evolution toward cheaper processors, faster networks and broadening skylines in technology has made it possible.
“Desktops, laptops, smart watches, to mobile phones and the everyday internet connected gadgets may very well be compromised,” he says.
“By 2020 we expect billions of physical devices to join the global digital network which will bring a number of opportunities as well as risks for each governments, industries, organisations, academia and even individuals,” he adds.
The biggest impact of Check Point has been the company’s effort to mitigate risks such as responding to serious data breach and giving voice to companies that suffered silently for a long time.
“At Check Point, we analyse malware samples, intrusion patterns, and other digital residue left behind by hackers and then package those insights into guidance for analysis on how we can recover data or information damaged by the virus or malware, and maybe create a lasting remedy from the deduction,” he explains
‘HummingBad’, a malware that has been a large contributor to the new top 10 position of mobile threats in the globe, was exposed by Check Point in February 2016. The virus immediately became the seventh most common malware detected, targeting corporate networks and devices and in March it moved to the sixth top spot on their radar.
“The malware basically targets Android devices specifically; it facilitates malicious activity such as installing key-loggers, stealing credentials and bypassing encrypted email containers used by companies, allowing for interception of corporate data and even financial data. It was the third highest threat in Kenya in the first quarter and seventh in Nigeria,” he explains.
Check Point identified more than 1,500 different malware groups in January, 1,400 in February and 1,300 in March. Throughout the quarter, the company was able to identify ‘Conficker’ and ‘Sality’ malware, two of the commonly used variants in the quarter, with ‘Sality’ ranking first in both Nigeria and Kenya.
Andenga says Africa being the “mobile-first” and “mobile-only” continent, this portrays a new wave of threats and is likely to have a strong impact on the number of attacks as recently evidenced in the region.
“Individuals who run their businesses off mobile devices as well as organisations that have a bring-your-own-device policy, will need to prepare for this in their security strategy. It is necessary to apply the same level of security to those personal mobiles as required by company networks and PCs, and security professionals must have a coherent threat management approach that will address this,” he says.
To further scale up its services, the company charges small business enterprises a premium rate of less than US$30 monthly for a package of three devices that protect and monitor clients’ networks 24/7.
“We offer end-to-end security in our cloud storage small enterprises and also cater for personal mobile devices in our servers. We prevent and mitigate cyber-attacks and limit data theft that often results from these threats. Our security management solution delivers unsurpassed extensibility and ease of use,” he adds.
The security architecture protects over 1,000 organisations of all sizes across East Africa, defending them from computer malwares emanating from networks and PCs to mobile devices.