Five African countries including Nigeria, Zambia, Uganda, Malawi and South Africa have been identified as having the highest risk profile globally in terms of cyber attacks, according to a global threat index report released Monday by Check Point Software Technologies.
The report indicated that Africa features significantly in the latest Global Threat Impact Index released for May 2017, accounting for five of the global top ten countries
Zambia ranks first with Nigeria coming in second position in the global review for the month of May. Uganda, Malawi and South African are ranked 7th, 8th and 9th respectively.
South Africa, in particular, demonstrated a significant jump in ranking, having moved up from 22nd position in the previous month.
The index also revealed that more than one in four organisations globally were affected by the Fireball or WannaCry attacks in May, 2017.
Two of the top three malware families that impacted networks globally were zero-day, previously unseen attacks. Fireball impacted one in five organisations worldwide, with second-placed RoughTed impacting 16% and third-placed WannaCry affecting nearly 8% of organisations globally. The two malware variants, Fireball and WannaCry, rapidly spread worldwide throughout the month of May.
The most prevalent malware highlight the wide range of attack vectors and targets cyber-criminals are utilising, impacting all stages of the infection chain. Fireball takes over target browsers and turns them into zombies, which it can then use for a wide range of actions including dropping additional malware, or stealing valuable credentials.
By contrast, RoughTed is a large-scale malvertising campaign, and WannaCry takes advantage of a Windows SMB exploit called EternalBlue in order to propagate within and between networks. WannaCry was particularly high profile, bringing down a myriad of networks worldwide.
In addition to the top three, there were also other new variants of malware seen within the top ten of the index including Jaff (8th) another form of ransomware, demonstrating how profitable this particular attack vector is proving for malicious parties.