webcam-b

Security

To bolster global efforts against cybercrime, Kaspersky and AFRIPOL have signed a five-year cooperation agreement to prevent and combat cyber offenses

This partnership formalises collaboration between the company and the law enforcement agency, facilitating the exchange of threat intelligence on emerging cybercriminal activities.

Africa continues to face a rapidly evolving cyberthreat landscape, particularly in industrial sectors. The continent has the highest share of Industrial Control Systems computers targeted by malicious objects, as detected by Kaspersky’s solutions. These escalating risks highlight the need for enhanced cooperation to mitigate potential threats.

The agreement strengthens ties between Kaspersky and AFRIPOL by improving data exchange on cybercrime trends. Kaspersky will provide threat intelligence for AFRIPOL’s criminal intelligence analysis and offer technical assistance through its expert teams.

Kaspersky CEO Eugene Kaspersky emphasised, “An effective fight against cybercrime is inconceivable without cooperation. Our company has always put collaborative effort first – sharing its expertise with the widest range of stakeholders: the security expert community, law enforcement agencies, and also the general public to empower them with knowledge about acute cyberthreats. Hence, by advancing our cooperation with AFRIPOL and by equipping the agency with both the information and technology required for responding to emerging cyberthreats, we hope to enhance our contribution in fostering greater cyber-resilience and a safer cyberspace for all.”

AFRIPOL acting executive director ambassador Jalel Chelba stated, “This agreement with Kaspersky represents a major step forward in strengthening Africa's digital defenses. By leveraging Kaspersky's expertise and resources, we are not only enhancing AFRIPOL's ability to counter cyber threats, but also contributing to the protection of a secure digital space for all African citizens. This collaboration brings substantial added value to both our organisations: it strengthens AFRIPOL's operational framework in combating cybercrime, while allowing Kaspersky to play a key role in the digital security of a strategically important continent in terms of cybersecurity. Together, we are taking a significant step towards resilience and digital trust in Africa, by mobilising the best of both partners.”

Kaspersky and AFRIPOL have a long record of joint cooperation projects. The two organisations have been active contributors to the assessment of the African threat landscape, while also being active participants in INTERPOL-led actions to disrupt cybercrime on the African continent, namely Africa Cyber Surge Operation and Africa Cyber Surge Operation II. The two organisations have also been advocating for greater digital trust, with AFRIPOL having endorsed Kaspersky’s first Transparency Center in the African region in Rwanda.

Nigeria's EFCC takes action against cyber-crime with a 24-hour reporting desk for citizens. (Image source: Adobe Stock)

Nigeria's anti-corruption agency, the Economic and Financial Crimes Commission (EFCC), is intensifying its efforts against cyber-crimes by enabling residents to report offenses around the clock

This will be facilitated through a 24-hour Cybercrime Rapid Response Desk, designed to receive and swiftly respond to information on cyber-crimes from the public. The desk will be accessible via both local and international phone numbers.

"Cyber-crime is not a crime against individuals and businesses. It is an assault on our collective integrity, economic stability, and the future of our youth," stated Nigeria's First Lady, Oluremi Tinubu. "It is therefore crucial that we address these challenges head-on and explore not only the harmful consequences of cyber-crimes but also the sustainable alternatives that can redirect our youths towards productive and positive endeavours."

With over 60% of Nigeria’s population being young people, Tinubu highlighted that youth involvement in cyber-crime poses a significant threat to the nation's economic stability. The perpetrators of these crimes, often referred to locally as 'Yahoo Boys,' are primarily tertiary graduates struggling to secure formal employment.

The Nigeria Communications Commission reports that cyber-criminal activities cost the country an estimated US$500mn annually. This initiative by the EFCC aims to curb cyber-crime, safeguarding Nigeria’s economic stability and promoting positive and sustainable paths for the youth.

Kaspersky warns of the growing threat from the Grandoreiro banking trojan, targeting financial institutions and cryptocurrency wallets globally. (Image source: Adobe Stock)

Kaspersky, a leading global cybersecurity and digital privacy firm, has issued a warning about the Grandoreiro banking trojan, a growing threat worldwide 

Active since 2016, Grandoreiro has targeted over 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries just this year. This accounts for about 5% of the year’s total banking Trojan attacks. Adding to the concern, a newly discovered "light version" of the malware has already affected around 30 banks in Mexico.

Several African nations, including Algeria, Angola, Ethiopia, Ghana, Côte d'Ivoire, Kenya, Mozambique, Nigeria, South Africa, Tanzania, and Uganda, have also fallen victim to Grandoreiro's attacks.

An evolving cyber threat

Following an INTERPOL-led operation that helped Brazilian authorities arrest some operators behind the Grandoreiro banking trojan, Kaspersky discovered that the malware’s codebase has been split into lighter, more fragmented variants to continue their activities. This fragmentation has contributed to the rise of financial institution attacks in Mexico this year. The creators of the malware likely retain access to its source code and are now launching new campaigns using this simplified legacy version.

“These recent developments highlight the dynamic nature of the threat. The emergence of these lighter versions could signal a trend that might expand beyond Mexico, potentially spreading to other regions, including outside Latin America,” said Fabio Assolini, head of Kaspersky’s Latin American Global Research and Analysis Team (GReAT). “However, it appears that only a select group of trusted affiliates have access to the source code, which allows them to develop such lighter variants. Grandoreiro operates differently from the typical ‘Malware-as-a-Service’ model; it isn’t advertised in underground forums, and access to it seems highly restricted.”

Multiple Grandoreiro variants, including the light version and the main malware, are now responsible for a significant portion of global banking trojan attacks, making it one of the most prevalent cybersecurity threats today, according to Kaspersky.

After analysing new Grandoreiro samples from 2024, Kaspersky observed fresh tactics aimed at evading detection. The malware now tracks mouse activity to replicate real user behavior, fooling machine-learning security systems into treating the activity as legitimate. By imitating natural mouse movements, Grandoreiro attempts to bypass anti-fraud tools.

Moreover, Grandoreiro has employed a cryptographic method called Ciphertext Stealing (CTS), which Kaspersky reports as a first in the malware world. This technique is used to encrypt malicious code strings, enhancing its stealth.

To combat financial malware like Grandoreiro, Kaspersky's security experts recommend several key measures for organisations, including enforcing a Default Deny policy for critical user profiles, providing employees with cybersecurity awareness training, and deploying protection solutions for mail servers with anti-phishing capabilities, such as Kaspersky Security for Mail Server.

For individuals, Kaspersky advises staying vigilant—avoid opening suspicious messages, only install apps from trusted sources, and never grant permissions or rights without confirming they align with the app's functionality. Additionally, using a reliable security solution like Kaspersky Premium is essential for protection. 

GITEX GLOBAL 2024 showcases cutting-edge cybersecurity innovations and solutions as industry leaders unite to combat rising threats. (Image source: Adobe Stock)

After an action-packed two days at GITEX GLOBAL 2024, Wednesday showcased an incredible program focused on current and future cybersecurity landscapes, featuring insights from leading experts

Running from October 14-18 at the Dubai World Trade Centre (DWTC), GITEX GLOBAL is the largest tech event in the world, celebrating its record-breaking 44th edition in 2024 with over 6,500 exhibitors, 1,800 startups, 1,200 investors, and government representatives from more than 180 countries.

As the biggest international edition of GITEX GLOBAL reached its midpoint, “Cybersecurity Day” dominated the Wednesday agenda. The event featured a series of keynote speeches, fireside chats, and panels addressing urgent challenges, emerging threats, and innovative solutions for individuals, businesses, industries, and nations globally.

Addressing the cybercrime challenge

With global cybercrime damages projected to hit $10.5 trillion annually by 2025, the tech community is united in its mission to create a stronger defense. This resolve was evident at GITEX GLOBAL as top CISOs, CIOs, and GRC leaders gathered to discuss strategies for establishing a formidable global defense.

In 2024, AI-driven fraud in the finance sector has surged by 40%, presenting unprecedented challenges. One highlight of Wednesday was the conference session titled “AI-Driven Digital Fraud: Safeguarding the Finance Industry’s Future,” which explored how emerging technologies are being leveraged to combat this evolving threat.

Dr Mohamed Al Kuwaiti, head of cybersecurity for the UAE Government, shared insights on the impressive threat mitigation efforts in the UAE, having neutralised millions of attacks this year alone. He emphasised AI’s transformative role in cybersecurity, stating to the GITEX Tech Waves Podcast: “Cyber awareness is crucial – and AI is changing the game. The UAE is a financial hub that faced 71 million attacks in Q1 2024. We are resilient and thwarted these with early threat detection through AI. It’s a hugely beneficial technology alongside our great partnerships with the world.”

Todd Conklin, chief AI officer & deputy assistant secretary, cybersecurity & critical infrastructure protection at the US Department of the Treasury, echoed similar sentiments about AI’s benefits. He remarked, “The US Treasury runs the largest payments ecosystem in the entire world. We’ve leveraged AI models to reduce fraud by almost US$600mn in the last six months. It’s becoming increasingly critical in the counter-fraud space.”

Exploring new opportunities

With 88% of exhibiting startups making their GITEX GLOBAL debut and over 230 new partnerships formed between various entities, the event continues to serve as a catalyst for global collaboration. By Wednesday, more than 13,000 pre-arranged meetings had already taken place, with many more expected as companies unveil transformative solutions.

Huawei highlighted its critical infrastructure and cloud tech solutions, with Dr Aloysius Cheang, chief security officer for the Middle East & Central Asia at Huawei, noting that the company faces an average of 12 billion cyberattacks daily. He urged organizations to adopt a cybersecurity culture centered on security and privacy.

Kaspersky showcased its innovative Cyber Immunity approach and advanced threat intelligence solutions, while Fortinet presented products from its cybersecurity platform portfolio. Solutions by stc introduced visitors to emerging technologies that add value for customers.

Day three of GITEX GLOBAL 2024 also featured exciting activations and conferences at GITEX Cyber Valley, the premier cybersecurity exhibition hosted by the UAE Cyber Security Council. A highlight session featured Brett Johnson, a former cybercriminal turned expert, who shared insights during “Scamming the Scammer: Inside the Mind of a Cybercriminal.” Live Hacks showcased ethical hackers performing AI-powered hacks, while Santiago Lopez, the world's first million-dollar hacker, provided guidance on turning hacking skills into a profitable career in another engaging session.

Looking Ahead

GITEX GLOBAL 2024 continues Thursday with “Data Centres Universe,” bringing together thought leaders to discuss the future of data management and infrastructure. Sessions will explore the latest data technologies and sustainable energy solutions, emphasising data centres' crucial role in supporting the rapid growth of digital services.

Safaricom partners with Cloudflare and Copycat to deliver affordable, comprehensive cybersecurity solutions for Kenyan MSMEs. (Image source: Adobe Stock)

Safaricom has forged a strategic partnership with Cloudflare, a global web infrastructure and cybersecurity provider, and Copycat, a leading systems integrator in East Africa 

This collaboration aims to significantly reduce the costs of integrated cybersecurity services for micro, small, and medium enterprises (MSMEs).

The partnership seeks to provide a comprehensive digital security stack for Kenyan businesses, reinforcing Safaricom’s commitment to driving innovation and offering a one-stop shop for customers’ connectivity and technology needs. The new affordable plans enable access to world-class cybersecurity solutions for businesses of all sizes. These services would otherwise cost five to ten times more for the same capabilities and eliminate the complexity of juggling multiple solutions across various vendors—a barrier for many MSMEs.

Securing Kenya’s digital future

Reflecting on the significance of this collaboration, Safaricom’s chief enterprise business officer, Cynthia Kropac, noted that as the first managed services provider for Cloudflare solutions in all of Africa, MSMEs will have access to comprehensive cybersecurity solutions, from basic protection to advanced tools from a well-regarded global brand with ready-to-use cyber protection services that don’t require complex infrastructure or expensive professional services.

“At the heart of this collaboration is not just technology, but affordability and accessibility. By leveraging Cloudflare’s solutions, such as zero trust services and email security hosted locally in data centers within Kenya, we are investing in a futureproof infrastructure that provides every customer with robust and advanced protection from cyber threats. Businesses can subscribe to the cloudbased cybersecurity plans of their choice online and get access to full stack application and network security solutions from KES 5,000 per site per month and operational in hours,” Kropac explained.

Cloudflare’s demonstrated ability to deliver reliable services, with over 248TB processing capacity, 30 times more than any other provider in the market, underscores the scale and capacity of this offering.

“This groundbreaking move is poised to redefine the Kenyan cybersecurity landscape and reinforce Safaricom’s commitment to safeguarding enterprises. We are empowering Kenyan businesses to thrive in the digital age,” Kropac added.

Graham Turnbull, Managing Executive at Cloudflare, emphasised, “The partnership with Safaricom is bringing comprehensive and effective digital security solutions closer to business owners, enabling them to focus on optimizing productivity and service, with software that guarantees progress.”

As the first Cloudflare Managed Services Partner in Africa, this partnership not only highlights Safaricom’s dedication to fostering digital transformation and resilience among MSMEs but also positions Safaricom as a key player in empowering Kenyan businesses. By fortifying their digital security and fostering sustainable growth, Safaricom is contributing significantly to the rapidly evolving digital economy. This initiative is a testament to Safaricom’s unwavering commitment to supporting the growth and sustainability of MSMEs in the digital age.

Guided by a vision where digital security, productivity, and innovation converge seamlessly, Safaricom’s alliance with Cloudflare paves the way for Kenyan businesses to not only survive but thrive in the digital age. This collaboration fortifies MSMEs with robust cybersecurity and equips them with tools to amplify their impact on the global stage.

This partnership also combines Copycat’s deep expertise in technologies and systems integration with Safaricom’s unmatched reach in digital services. Vishal Patel, managing director at Copycat, remarked, “As organisations increasingly depend on secure and highperformance digital platforms, our joint offering will ensure that businesses of all sizes benefit from enterprisegrade protection, enabling them to scale confidently with secure, fast, and reliable digital infrastructure. Together with Safaricom, we are proud to launch this service and look forward to supporting businesses across the region as they embrace the digital future.”

More Articles …

Most Read

Latest news