According to Kaspersky Security Network data, the number of exploits detected in Africa decreased in Q2 2022 compared to Q1: the company’s security solutions detected 149,211 cases in April-June 2022. However, the number of exploit detections is still at a high level and remains a major concern for cybersecurity specialists in commercial and government organisations.
Exploits are programs or pieces of code written by cybercriminals that are designed to take advantage of a bug or vulnerability in an application or operating system running on a local or remote system (PC, server, mobile device, IoT device, etc.). Using an exploit, attackers gain unauthorised access to the applications or operating systems on these systems.
Zero-day exploits – those relying on vulnerabilities that were previously unknown to the software vendor – are often used for cyberespionage against different organisations and are particularly dangerous for large businesses, government agencies, and individuals with access to valuable data. Zero-day exploits were at the heart of some of the most infamous cyberattacks around the world, such as the Sony Pictures attack, Stuxnet, MysterySnail, PuzzleMaker and others.
In 2021, Kaspersky found 4 zero-day vulnerabilities in Microsoft products that cybercriminals could exploit – CVE-2021-28310, CVE-2021-31955, CVE-2021-31956, and CVE-2021-40449. They were discovered with Kaspersky’s Exploit prevention technology, which detects not only known exploits, but suspicious anomalies in programs’ behaviour as well – and therefore helps cybersecurity practitioners reveal new vulnerabilities.
According to Kaspersky data, the number of exploit detections decreased by 16% in Africa in Q2 compared to Q1 and reached 149,211.
South Africa saw the largest decrease in exploit detections in Q2 among the African countries – by 43% to 31,846 cases. It was followed by Nigeria – exploit detection saw a decrease of 30% to 10,758 cases. In Kenya the number of detections remained almost unchanged in Q2 at 106,607 (1% increase from Q1).
“Over the last years we have seen the attackers’ firm interest towards zero-day exploits – vulnerabilities previously unknown to vendors that pose a serious threat to all users, home and corporate. These exploits give attackers easy access to victims. That’s why it is important not only to constantly update your systems, but also to install security solutions that proactively discover unknown threats.
“Of equal importance is providing your cybersecurity team with access to the latest threat intelligence and regular professional training,” comments Dr. Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Turkey and Africa region at Kaspersky.
Hasbini adds: “Kaspersky’s Exploit Prevention technology was designed to add an additional layer of protection for the most frequently targeted programs and technologies. It provides an efficient and non-intrusive way for blocking and detecting both known and unknown exploits. EP is an integral part of Kaspersky’s behaviour-based detection capabilities.”
To protect your organisation from exploits, Kaspersky experts recommend:
- Update your device’s OS and other third-party software as soon as possible and do so regularly.
- Use a reliable endpoint security solution such as Kaspersky Endpoint Security for Business that is powered by exploit prevention, behaviour detection and a remediation engine that is able to roll back malicious actions.
- Provide your SOC team with access to the latest threat intelligence and regularly upskill them with professional training.
- Along with proper endpoint protection, dedicated services can help against high-profile attacks. The Kaspersky Managed Detection and Response service can help identify and stop attacks at the early stages before attackers achieve their goals.