Rootkit detections in South Africa up by 74%

Issue 4 2023 News & Events, Information Security

As reported by Kaspersky, the number of rootkit detections targeting businesses in South Africa grew by 74% in the first five months of 2023. In Kenya, the figure is 52% and in Nigeria 139%.

A rootkit is a malicious software or a collection of software programs used by cybercriminals to snoop into a computer or network and gain administrator-level control. One of the most common methods used by cybercriminals to install rootkits is to compromise the supply chain of a specific victim.

The uniqueness of a rootkit lies in its considerable amount of stealth, which cybercriminals aptly use to conceal their presence while carrying out their malicious activity and bypass security controls. Often, rootkit detections are difficult to investigate and analyse. It’s highly evasive design enables cybercriminals to steal personal data, access financial information, install malware, and use computers as part of a botnet to circulate spam or launch DDoS attacks. Rootkit malware can remain on a computer for a very long time, causing significant damage.

“APT groups are the trendsetters of the cyberthreat landscape. They consider ‘stealth’ to be key for successful exploitative tactics because you cannot protect yourself from something you cannot see. A rootkit perfectly fits the type of technique they would use. As reported previously, some of the APT groups had started leveraging rootkits in their activities. This trend caught the attention of other APT groups, cybercriminals and hacker communities, creating a domino effect and resulting in an increased use of rootkits,” said Abdessabour Arous, Security Researcher, Global Research and Analysis Team at Kaspersky.

“Since a rootkit can be installed on any hardware or software platforms, it is becoming far more dangerous as IoT and cloud technologies create a well-connected and integrated environment.”

To protect governments and organisations against a rootkit, Kaspersky researchers recommend:

• Restrict access and establish strict security protocols for the use of admin privileges.

• Use the latest version of operating systems that can mitigate rootkit deployment.

• Ensure all security features of your operating systems are activated.

• Update your Unified Extensible Firmware Interface (UEFI) firmware regularly. Use software from trusted vendors only.

• Ensure you use robust cybersecurity solutions that can eliminate risks from your IT supply chain as third-party attacks are gaining momentum.

• Leverage services like the Kaspersky Threat Intelligence to leverage real-time insights on cyberthreat tactics, techniques, tools and methods.

• Having an incident response process and security monitoring capabilities in place is also helpful.




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Highest increase in global cyberattacks in two years
Information Security News & Events
Check Point Global Research released new data on Q2 2024 cyber-attack trends, noting a 30% global increase in Q2 2024, with Africa experiencing the highest average weekly per organisation.

Read more...
From the editor's desk: A burning issue
Technews Publishing News & Events
      Welcome to the first publication from SMART Security Solutions devoted to the fire industry. In the BMI report, sponsored by the Elvey Group, released earlier this year, fire was the smallest component ...

Read more...
From the editor's desk: Keeping them out, keeping you aware
News & Events
Alarm, intrusion, and perimeter protection have been part and parcel of South African society for years. Many years ago, a home alarm consisted of wires covering one’s windows, which caused an alarm ...

Read more...
SMARTpod talks to The Risk Management Forum
SMART Security Solutions Editor's Choice News & Events Security Services & Risk Management Videos Training & Education
SMART Security Solutions recently released its first SMARTpod podcast, discussing the upcoming Risk Management Forum Conference 2024, which will be held on 26 September 2024 at the Indaba Conference Centre in Fourways, Johannesburg.

Read more...
There is a SaaS for everything, but at what cost, especially to SMEs?
Editor's Choice Information Security Security Services & Risk Management
Relying on SaaS platforms presents significant cybersecurity risks as the number of providers in your landscape increases, expanding your attack surface. It is important to assess the strength of the SaaS providers in your chain.

Read more...
New State of Physical Access Control Report from HID
HID Global Editor's Choice Access Control & Identity Management News & Events
HID released the 2024 State of Physical Access Control Report, identifying five key trends shaping access control's future and painting a picture of an industry that has been undergoing considerable transformation.

Read more...
Addressing today’s mining challenges: cyber risks beyond IT
Editor's Choice Information Security Mining (Industry)
Despite the mining industry’s operational technology systems being vulnerable to cyberattacks, many decision-makers still see these threats as purely an IT issue, even though a breach could potentially disrupt mining operations.

Read more...
Workforce Consortium to reskill 95 million people
Editor's Choice News & Events AI & Data Analytics
ICT Workforce Consortium of global leaders has come together, committing to train and upskill 95 million people over the next 10 years, as 92% of jobs analysed are expected to undergo either high or moderate transformation due to advancements in AI.

Read more...
How to effectively share household devices
Smart Home Automation Information Security
Sharing electronic devices within a household is unavoidable. South African teens spend over eight hours per day online, making device sharing among family members commonplace. Fortunately, there are methods to guarantee safe usage for everyone.

Read more...
Tech Trailblazers seeks the most innovative and diverse investors in enterprise tech
News & Events
This year, the global enterprise tech startup awards, the Tech Trailblazers, is looking for the most innovative and diverse VCs as well as its usual hunt for groundbreaking tech start-ups.

Read more...