webvic-c

twitteryou tubeacpLinkedIn

Security

KnowBe4 predicts 2025 cybersecurity trends, highlighting AI's dual role, ransomware threats, and Africa's cybercrime-human trafficking intersection. (Image source: KnowBe4)

KnowBe4, a globally renowned cybersecurity platform specialising in human risk management, has unveiled its cybersecurity predictions for 2025, curated by its team of international experts

In 2024, cyber threats evolved at an unprecedented pace, largely fueled by the growing use and popularity of AI tools. While these tools empower cybersecurity professionals to strengthen their defences, they also equip cybercriminals to refine and enhance their attack strategies, making them harder to detect.

AI Continues to Shape Cybersecurity

Advancements in AI will drive innovation on both sides of the cybersecurity spectrum. AI-powered tools for defence will improve threat detection and response capabilities, leveraging the technology's ability to process large volumes of data, identify anomalies, and enhance detection accuracy. This evolution will significantly aid cybersecurity teams.

Conversely, attackers are also harnessing AI to craft more sophisticated methods, such as targeted social engineering campaigns that exploit emotions and specific vulnerabilities. These AI-driven tactics will blur the lines between authentic and malicious content, intensifying the ongoing battle between defenders and attackers.

Persistent Ransomware Threats

Ransomware will remain a prominent challenge due to the collaboration between ransomware groups and initial access brokers. To counteract this, AI-based tools capable of monitoring networks and detecting unusual encryption processes will gain popularity, minimising the impact of ransomware attacks.

Focus on the Human Element

Organisations will increasingly prioritise security awareness training and simulated phishing exercises to address human risk factors. As cybercriminals refine their social engineering techniques, creating personalised and effective attacks, companies must balance maintaining vigilance with avoiding phishing fatigue. Adaptive, relevant training will play a vital role in fostering a positive security culture.

Advances in Deepfake Detection

The year 2025 will bring significant improvements in deepfake detection technologies, making them more accessible and effective. However, cybercriminals are expected to exploit deepfakes and disinformation to accelerate extortion, mask other attacks, and harm reputations.

Adopting Zero-Trust and Cyber-Mindfulness

A zero-trust mindset and cyber-mindfulness will gain traction as proactive cybersecurity strategies. Organisations will emphasise critical thinking and a vigilant attitude among employees, treating every user and device as potential threats. This approach will help mitigate internal risks while fostering a culture of scepticism and awareness.

Cybercrime and Human Trafficking in Africa

Africa faces an alarming rise in cybercrime linked to human trafficking, with criminals exploiting the region’s youth through fraudulent job offers. This disturbing overlap is expected to worsen in 2025, as cybercriminals leverage economic hardships and limited digital literacy to increase targeted scams such as romance and employment fraud.

“The cybersecurity landscape is rapidly evolving, and the dynamic between defenders and attackers has never been more complex,” said Stu Sjouwerman, CEO of KnowBe4. “As we enter 2025, we must embrace the potential of AI to enhance our defences and protect organisations globally. At KnowBe4, we are dedicated to staying at the forefront of this evolution, providing human risk management tools and tactics to protect organisations against sophisticated threats. It is a continuous journey of innovation and adaptation.”

 

SEACOM collaborates with forefront and Cloudflare to provide advanced cybersecurity solutions to African businesses. (Image source: Adobe Stock)

SEACOM, a leading provider of connectivity and cloud services, has partnered with Forefront, a cybersecurity managed services firm, and Cloudflare to deliver advanced cybersecurity solutions across Africa

The collaboration aims to enhance cybersecurity resilience on the continent by offering Cloudflare's top-tier security services to businesses looking to modernise their infrastructure. SEACOM clients will now have access to a range of Cloudflare products along with managed services, including optimisations, integrations, health checks, and local support from certified Cloudflare teams.

Sajid Khan, SEACOM's group managing director for digital services, noted, "This partnership marks an exciting new addition to our product portfolio by providing cutting-edge cybersecurity solutions to our clients."

Graham Turnbull, Cloudflare's account executive, commented, "SEACOM's extensive network infrastructure provides a strong foundation for delivering Cloudflare's solutions, including advanced security and zero-trust services, through the Managed Services Programme. Together, we are empowering African businesses with world-class internet and security services."

To bolster global efforts against cybercrime, Kaspersky and AFRIPOL have signed a five-year cooperation agreement to prevent and combat cyber offenses

This partnership formalises collaboration between the company and the law enforcement agency, facilitating the exchange of threat intelligence on emerging cybercriminal activities.

Africa continues to face a rapidly evolving cyberthreat landscape, particularly in industrial sectors. The continent has the highest share of Industrial Control Systems computers targeted by malicious objects, as detected by Kaspersky’s solutions. These escalating risks highlight the need for enhanced cooperation to mitigate potential threats.

The agreement strengthens ties between Kaspersky and AFRIPOL by improving data exchange on cybercrime trends. Kaspersky will provide threat intelligence for AFRIPOL’s criminal intelligence analysis and offer technical assistance through its expert teams.

Kaspersky CEO Eugene Kaspersky emphasised, “An effective fight against cybercrime is inconceivable without cooperation. Our company has always put collaborative effort first – sharing its expertise with the widest range of stakeholders: the security expert community, law enforcement agencies, and also the general public to empower them with knowledge about acute cyberthreats. Hence, by advancing our cooperation with AFRIPOL and by equipping the agency with both the information and technology required for responding to emerging cyberthreats, we hope to enhance our contribution in fostering greater cyber-resilience and a safer cyberspace for all.”

AFRIPOL acting executive director ambassador Jalel Chelba stated, “This agreement with Kaspersky represents a major step forward in strengthening Africa's digital defenses. By leveraging Kaspersky's expertise and resources, we are not only enhancing AFRIPOL's ability to counter cyber threats, but also contributing to the protection of a secure digital space for all African citizens. This collaboration brings substantial added value to both our organisations: it strengthens AFRIPOL's operational framework in combating cybercrime, while allowing Kaspersky to play a key role in the digital security of a strategically important continent in terms of cybersecurity. Together, we are taking a significant step towards resilience and digital trust in Africa, by mobilising the best of both partners.”

Kaspersky and AFRIPOL have a long record of joint cooperation projects. The two organisations have been active contributors to the assessment of the African threat landscape, while also being active participants in INTERPOL-led actions to disrupt cybercrime on the African continent, namely Africa Cyber Surge Operation and Africa Cyber Surge Operation II. The two organisations have also been advocating for greater digital trust, with AFRIPOL having endorsed Kaspersky’s first Transparency Center in the African region in Rwanda.

Nigeria's EFCC takes action against cyber-crime with a 24-hour reporting desk for citizens. (Image source: Adobe Stock)

Nigeria's anti-corruption agency, the Economic and Financial Crimes Commission (EFCC), is intensifying its efforts against cyber-crimes by enabling residents to report offenses around the clock

This will be facilitated through a 24-hour Cybercrime Rapid Response Desk, designed to receive and swiftly respond to information on cyber-crimes from the public. The desk will be accessible via both local and international phone numbers.

"Cyber-crime is not a crime against individuals and businesses. It is an assault on our collective integrity, economic stability, and the future of our youth," stated Nigeria's First Lady, Oluremi Tinubu. "It is therefore crucial that we address these challenges head-on and explore not only the harmful consequences of cyber-crimes but also the sustainable alternatives that can redirect our youths towards productive and positive endeavours."

With over 60% of Nigeria’s population being young people, Tinubu highlighted that youth involvement in cyber-crime poses a significant threat to the nation's economic stability. The perpetrators of these crimes, often referred to locally as 'Yahoo Boys,' are primarily tertiary graduates struggling to secure formal employment.

The Nigeria Communications Commission reports that cyber-criminal activities cost the country an estimated US$500mn annually. This initiative by the EFCC aims to curb cyber-crime, safeguarding Nigeria’s economic stability and promoting positive and sustainable paths for the youth.

Kaspersky warns of the growing threat from the Grandoreiro banking trojan, targeting financial institutions and cryptocurrency wallets globally. (Image source: Adobe Stock)

Kaspersky, a leading global cybersecurity and digital privacy firm, has issued a warning about the Grandoreiro banking trojan, a growing threat worldwide 

Active since 2016, Grandoreiro has targeted over 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries just this year. This accounts for about 5% of the year’s total banking Trojan attacks. Adding to the concern, a newly discovered "light version" of the malware has already affected around 30 banks in Mexico.

Several African nations, including Algeria, Angola, Ethiopia, Ghana, Côte d'Ivoire, Kenya, Mozambique, Nigeria, South Africa, Tanzania, and Uganda, have also fallen victim to Grandoreiro's attacks.

An evolving cyber threat

Following an INTERPOL-led operation that helped Brazilian authorities arrest some operators behind the Grandoreiro banking trojan, Kaspersky discovered that the malware’s codebase has been split into lighter, more fragmented variants to continue their activities. This fragmentation has contributed to the rise of financial institution attacks in Mexico this year. The creators of the malware likely retain access to its source code and are now launching new campaigns using this simplified legacy version.

“These recent developments highlight the dynamic nature of the threat. The emergence of these lighter versions could signal a trend that might expand beyond Mexico, potentially spreading to other regions, including outside Latin America,” said Fabio Assolini, head of Kaspersky’s Latin American Global Research and Analysis Team (GReAT). “However, it appears that only a select group of trusted affiliates have access to the source code, which allows them to develop such lighter variants. Grandoreiro operates differently from the typical ‘Malware-as-a-Service’ model; it isn’t advertised in underground forums, and access to it seems highly restricted.”

Multiple Grandoreiro variants, including the light version and the main malware, are now responsible for a significant portion of global banking trojan attacks, making it one of the most prevalent cybersecurity threats today, according to Kaspersky.

After analysing new Grandoreiro samples from 2024, Kaspersky observed fresh tactics aimed at evading detection. The malware now tracks mouse activity to replicate real user behavior, fooling machine-learning security systems into treating the activity as legitimate. By imitating natural mouse movements, Grandoreiro attempts to bypass anti-fraud tools.

Moreover, Grandoreiro has employed a cryptographic method called Ciphertext Stealing (CTS), which Kaspersky reports as a first in the malware world. This technique is used to encrypt malicious code strings, enhancing its stealth.

To combat financial malware like Grandoreiro, Kaspersky's security experts recommend several key measures for organisations, including enforcing a Default Deny policy for critical user profiles, providing employees with cybersecurity awareness training, and deploying protection solutions for mail servers with anti-phishing capabilities, such as Kaspersky Security for Mail Server.

For individuals, Kaspersky advises staying vigilant—avoid opening suspicious messages, only install apps from trusted sources, and never grant permissions or rights without confirming they align with the app's functionality. Additionally, using a reliable security solution like Kaspersky Premium is essential for protection. 

More Articles …

Most Read

Latest news