Surge in data theft attempts has raised spyware attacks on businesses in Africa between 2023 and 2024.

Kaspersky, which revealed this, noted that “Spyware is secretly installed on a user’s computer to monitor their actions and collect their data.”

Kaspersky, a cybersecurity solution provider, said aside from the growth in spyware, there was a 26 per cent increase in password-stealing detections. Password stealers are a type of malware designed to harvest login credentials and other sensitive data.

Lead cybersecurity researcher at Kaspersky Global Research and Analysis Team, Maher Yamout, said statistics showed an increase in attack detections for several types of cyberthreats, and the factors driving these increases are multifaceted.

“In the B2B sector, the continuing shift toward hybrid work models and the rush to digitise operations, often outpacing cybersecurity investments, may leave businesses in Africa exposed to advanced persistent threats,” he added.

According to him, the explosion of digital financial services and low digital literacy rates make individuals prime targets for opportunistic attacks in the B2C space.

The report noted that a total of 131,580,587 web threats were detected last year in Africa, including almost 20 million attack attempts in Kenya, almost 17 million in South Africa, and 12.6 million in Morocco. From 2023 to 2024, businesses in Africa were targeted by web threats, on-device threats, and attacks aiming to steal data, including spyware and password stealers.

It said phishing and ransomware were the most significant threats in the region, with 66 million phishing link clicks recorded by Kaspersky in the region, including over 14.8 million phishing link clicks by corporate users.

According to it, local (on-device) threat detections in organisations in the region also grew by four percent. Local (on-device) threats include malware that spreads via removable USB drives, CDs, and DVDs or that initially makes its way onto the computer in non-open form (for example, programmes in complex installers, encrypted files, etc).

Specifically, Nigeria saw a 169 per cent increase; Ethiopia, 86 per cent; South Africa 32 per cent; Senegal, 11 per cent and Morocco nine per cent. They were among the countries that recorded growth in local threats detected in organisations.

Combatting these attacks, Yamout said organisations must collaborate, invest in specialised cybersecurity training, and promote digital literacy.

“Initiatives like the African Cyber Surge operation and targeted educational programmes can serve as blueprints for building a resilient digital ecosystem across the continent,” Yamout stressed.