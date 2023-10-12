No fewer than 10 million email threats were targeted at Nigerian businesses between January and June 2023. In addition, over 800,000 malicious URLs and almost 4,500 malicious mobile apps were also recorded to be targeted at businesses and consumers during the same period. This comes at a time the complexity of the country’s cybersecurity threat landscape continues to intensify. The findings were revealed by the Trend Micro 2023 Mid- year Cybersecurity Threat Report, which presented highlights from the company’s telemetry covering the broadest attack surface view across millions of commercial and consumer clients.

The report also uncovered key trends in criminal techniques, tactics, and threat actor activity, providing important guidance for defenders looking to stay one step ahead of calculating cyber criminals. “With each passing month, the local threat landscape becomes more intricate and convoluted. Our latest research shows that illegal actors are shifting targets and getting increasingly creative to become more efficient and prolific. Prioritising a set of proactive and holistic security solutions has never been more important,” said Gareth Redelinghuys, Country Managing Director, African Cluster at Trend Micro.

During the first half of 2023, around 2.4 million malware families were blocked by Trend Micro in Nigeria. Ransomware, in particular, is a challenge for local companies, with hundreds of ransomware detections in June alone. However, the Midyear Report offers valuable insight into how ransomware groups are operating – not only updating their tools and techniques to extract data more efficiently but also adapting their business models. Earlier this year, Trend Micro researchers discovered a new ransomware that uses legitimate search engine tools to search for files to encrypt.

Investigation into this new ransomware, which researchers named ‘Mimic,’ suggests a connection with the larger and more notorious Conti ransomware group. It is suspected that collaboration between these criminal groups helps them lower costs and increase their market presence while also maintaining the efficacy of their criminal activities. According to the report, many ransomware players are also turning their data exfiltration efforts toward tactics such as cryptocurrency theft and business email compromise (BEC).

Another key trend that emerged in the first half of 2023 was the use of AI by cybercriminals to carry out virtual crimes more efficiently. A significant number of Nigerian businesses have implemented AI in some form in a bid to elevate their operations – but they aren’t the only ones. Recently, malicious actors have abused AI technology to accurately impersonate real people as part of their attacks and scams. Imposter scams such as virtual kidnapping are becoming increasingly rampant globally.

In the case of virtual kidnapping, malicious actors can create a deep fake voice of their victim’s child and use it as proof that they have the child in their possession to pressure the victim into sending large ransom amounts. At the same time, ChatGPT and other AI tools are enabling criminals to automate the gathering of information, formation of target groups, and identification of vulnerable behaviours. This is helping them lure big- name victims (also known as “big fish”) in harpoon whaling attacks.

Whaling involves tricking executives and directors through phishing campaigns to steal or siphon large sums of money. Harpoon whaling, on the other hand, involves extensive research on targeted individuals. This attack is a highly targeted social engineering scam that involves emails crafted with a sense of urgency and that contain personalised information about the targeted executive or director.

With AI tools becoming increasingly adept at creating text that can seem human-crafted, the effort needed to attack executives has been drastically reduced, making the targeting of hundreds of thousands of executives easier than ever before. As innovations continue to evolve and involve more data, threat actors have also been finding more ways to victimise people.