Since the start of 2018, Kaspersky researchers have kept a close eye on the META region for Advanced Persistent Threat (APT) attacks and worked on 29 investigative cases across Africa.
These statistics are drawn from Kaspersky’s APT intelligence reporting service, which is populated by Kaspersky’s Global Research and Analysis team. The team issues detailed reports on each of the investigations and alerts the security operations team in governments and businesses on the threat actors that concern them. These statistics provide an overview of the countries and sectors that were most targeted by Advanced Persistent Threats.
The META region has always been a hotbed for such targeted attacks due to geopolitical situation and the last couple of years have been no different. It is not shocking to note that the greater number of APT attacks investigated by Kaspersky were primarily seen in national agencies. Government institutions bore the brunt with 61 cases reported over the course of the last two years.
Diplomatic institutions came in next on the list with 49 reports, with military and defence institutions and financial and investment institutions with 31 and 33 reports being unveiled respectively.
Other targeted sectors on the list include telecommunications, energy, IT companies, political parties, educational institutions, INGOs, media and healthcare. These sectors are attacked far less than governmental institutions, but it is still a cause for concern.
Kaspersky researchers issued 21 threat intelligence reports related to the Kingdom of Saudi Arabia, which is the greater number of reports out of all the Middle Eastern countries. The second highest target is the United Arab Emirates with Kaspersky scrutinising 16 reports from the country. Kaspersky issued 14, 13 and 12 reports from Kuwait, Jordan and Lebanon respectively. The lowest number of reports issued were from Egypt, Syria and Iraq totalling to 10 from each country.
These investigations are not confined to the Middle East but also extend to Turkey and Africa. Kaspersky worked on 18 cases in Turkey so far. The African region saw relatively less targeted attacks when measured up against Middle Eastern countries and Turkey. Kaspersky examined five cases from Kenya and Ethiopia respectively and four each from South Africa, Morocco, Tanzania and Libya. Sudan had the least number of attacks totalling to a mere three.
Dr. Amin Hasbini, Head of the Global Research and Analysis Team, for Middle East, Turkey and Africa at Kaspersky, said: “It is clear from our investigations, that APT attacks in the META region are showing no signs of slow down. Simultaneously, APT attacks are becoming further difficult to detect and the more we hunt, the more we uncover. Kaspersky has been at the forefront of discovering new outbreaks and where they take place. We ensure to alert the concerned organisations on time and provide them with the protection and intelligence needed against both known and unknown threats.”
As the name suggests, APT attacks are ongoing threats that are active for years on end. Evaluating these attacks allows cybersecurity teams to make connections and try to measure the motivation behind why these attacks took place. It also helps teams to calculate what the attacker’s next moves could be and accordingly take the necessary steps to protect themselves against future incidents.
Kaspersky works with the legal authorities and provides them with the intelligence needed to track and prosecute the groups behind such attacks.