Check Point Software Technologies released its Global Threat Index for December 2024, emphasising the growing sophistication of cybercriminals. For Africa, December was hardly a season to be jolly, with eight of the continent’s countries listed among the top 20 most attacked.
Ethiopia retained its top spot as the most attacked country with a 98.2% Normalised Risk Index out of the 106 countries featured in the Index.
Other African countries featured in the top 20 are:
Uganda at 8th place with a Normalised Risk Index of 68.2.
Angola at 9th place with a Normalised Risk Index of 66.2.
Ghana at 11th position with a Normalised Risk Index of 62.7.
Nigeria at 13th position with a Normalised Risk Index of 62.3, not too far from Ghana.
Kenya’s Normalised Risk Index has increased since last month, moving from position 20 to 17 with a Normalised Risk Index of 57.6.
Mozambique comes in at position 18 with a Normalised Risk Index of 56.9.
In 20th position with a higher Normalised Risk Index than last month is Cote d’Ivoire with 55.6.
In December, the malware focus was on the rise of FunkSec, an emerging ransomware-as-a-service (RaaS) operator leveraging Artificial Intelligence, alongside persistent threats from malware families like FakeUpdates and AgentTesla. Data from ransomware shame sites reveals FunkSec as the most active group in December, responsible for 14% of all published attacks.
Linked to Algeria, FunkSec appears driven by financial gain and hacktivist ideologies, with its AI-assisted tactics pointing to the increasing use of advanced technologies in cybercrime.
FunkSec’s operations have thrust it to the forefront of double-extortion ransomware groups. Publishing over 85 victims in December 2024 alone, FunkSec has surpassed its competitors in volume. However, Check Point Research has flagged many of these claims as recycled or unverified, raising doubts about the group’s credibility.
Among the most prevalent malware threats, FakeUpdates reclaimed the top spot globally, affecting 5% of organisations worldwide, followed closely by AgentTesla (3%) and Androxgh0st (3%). FakeUpdates, also known as SocGholish, remains a versatile downloader that introduces additional malicious payloads, while AgentTesla continues to target sensitive credentials.
Maya Horowitz, VP of Research at Check Point Software, commented on the findings. “The latest trends in cybercrime underscore the importance of vigilance and innovation in cybersecurity. Organisations must leverage advanced threat prevention measures to protect themselves against the evolving landscape of sophisticated attacks.”
Credits: Intelligent CIO