As digital transformation progresses, robust and resilient cybersecurity is becoming a non-negotiable prerequisite to ensure market integrity. In Africa, however, this remains a significant challenge, with many organizations still unprepared for cyberattacks.
Today, October 17, the deadline imposed by hacker group Karakut before publishing the 102 gigabytes of strategic data it stole from the Senegalese Telecommunications and Posts Regulatory Authority (Artp) is expiring. Last week, the group claimed a cyberattack against the public institution requiring ransom payment to avoid the publication of the stolen strategic data.
The regulator is not the only victim of that group, which claimed attacks on several other companies. Nevertheless, as of October 15, it was still among the few institutions that had refused to negotiate with the hackers.
According to IT consulting firm Accenture, Kakakurt has been active since June 2021. The group targets small and medium-sized organizations. It gradually infiltrates a computer system to extract data but it does not inject potentially destructive malware. After extraction, it switches to ransomware blackmail asking the attacked targets to pay ransom to avoid having their data released to competitors or the public. Accenture explains that the group adapts its attack to the victims’ environments, favoring "Living off the Land (LotL)" attacks that leverage legitimate software and functions on victims’ systems to perform malicious actions (according to cybersecurity firm Kaspersky).
In June 2022, the U.S. Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Treasury Department, and the Financial Crimes Enforcement Network (FinCEN) issued a joint cybersecurity advisory calling out businesses and organizations about Karakurt's actions. They reported that known ransom demands ranged from US$25,000 to US$13,000,000 in Bitcoin.
In its latest Global Cybersecurity Index report, published in 2020, the International Telecommunication Union (ITU) reported that only 23 African countries had a national cybersecurity strategy. At the same time, only nineteen had a cyber attack alert and response center (CERT) while Only 31 had legislation on illegal access to information systems and six had cybersecurity skills development mechanisms. Only 15 countries had a level of cybersecurity preparedness above the global average with Mauritius remaining the leader on the continent, since 2014.
Muriel Edjo
From Dakar to Nairobi, Kampala to Abidjan, mobile money has become a lifeline for millions of Africa...
Airtel Gabon, Moov sign deal to share telecom infrastructure Agreement aims to cut costs, boo...
• WAEMU posts 0.9% deflation in July, second month in a row• Food, hospitality prices drop; alcohol,...
Malawi votes in high-stakes presidential election Tuesday Economic crisis, inflation dominate vot...
Vision Invest invests $700m in Arise IIP, Africa’s largest private infrastructure deal in 202...
• Africa plans OPEC-style minerals bloc, but execution will decide if it gains real global leverage.• Continent holds cobalt, lithium, PGMs, copper,...
• Côte d’Ivoire secures $322.5M U.S. energy compact from MCC• Deal funds battery storage, grid upgrades, institutional reforms• Supports 100%...
• Côte d’Ivoire approves bill to support SMEs and mid-sized firms• Bill defines businesses, expands local content in public projects• Introduces new fund,...
• Tanzania's 2025/2026 cashew harvest could reach 700,000 tonnes.• Forecast represents a 33% increase from 2024's record 528,000 tonnes.• Only 2% of...
Surprisingly, only one African song made it onto Rolling Stone's list of the 500 Greatest Songs of All Time. The track is "Essence," a collaboration...
The Umhlanga Festival, also known as the “Reed Dance,” is one of the most iconic cultural events in the Kingdom of Eswatini in Southern Africa. Every...