Zimbabweans are the type of people who would laugh at you if they saw a top-end safe in your home housing just $7.53. If you can’t handle ridicule, don’t try to go to a bank to deposit $4.
We have a terrible attitude when it comes to security. We’ve convinced ourselves that we are too poor to be targeted by criminals. The logic goes, what kind of criminal would waste time trying to pickpocket a failed state (hyperbole) and its struggling companies and institutions?
Well, the criminals have given us an answer. They’re not about to pass up a quick buck.
If you were a pickpocket and saw a guy with a $5 note hanging out of his pocket, would you ignore that to focus on the lady you saw shove $500 into a handbag? You’d grab the $5 and then turn your attention to the handbag.
Ladies and gentlemen, Zimbabwe is that guy with the $5 note hanging out of his back pocket. Our lax cybersecurity attitudes have come to bite us where the sun doesn’t shine. The thieves are coming for that $5 note.
Zimbabwe is third most attacked country
Reports show that Zimbabwe is the third most attacked country in the world. Check Point Software Technologies released the Global Threat Index for July 2024, revealing this concerning information.
Check Point measures how well a country’s cybersecurity defenses match up against the cyber threats it faces. It also considers the number of attacks and the number of impacted organizations within each country.
The gap/metric (Normalised Risk Index, or NRI) is given as a percentage. The bigger the gap, the more dire the situation.
Zimbabwe has an NRI of 77%. Sheesh. We are sitting ducks here. That’s good for 3rd in the world and second in Africa. Ethiopia is doing internet completely wrong, coming in with an NRI of 100%.
Our neighbours fare better. Zambia is 63rd with an NRI of 40.5%, while South Africa is 59th with an NRI of 42%.
These are bad scores. It’s just that Zimbabwe and Ethiopia are doing much worse.
What threats?
What’s really going on in Zimbabwe? Check Point has a live cyber threat map that shows just how active cybercriminals are. On this very day, there have been over 10.6 million attacks globally.
Focusing on Zimbabwe, we find that in the last 30 days, these are the malware type trends and the percentage of affected organizations:
It makes for grim reading. It shows that 17.1% of organizations were affected by Botnet attacks.
Elsewhere in the report mentioned above, we find that Phorpiex, known for orchestrating large-scale spam campaigns, has been particularly active in Zimbabwe and Mozambique.
It’s not just Check Point saying this, lest you think they were hired by economic saboteurs to smear the good name of Zimbabwe.
Interpol reports:
Worryingly, nearly half of the African countries surveyed reported ransomware attacks against their critical infrastructure between January 2023 and December 2023.
This includes attacks targeting government infrastructure, hospitals, financial institutions, and Internet service providers. To give a few examples, …. government institutions in Ethiopia, Senegal and Zimbabwe, and South African Internet service provider RSAWEB have all been subjected to ransomware attacks. Even the African Union faced a crippling attack from the BlackCat group (also known as ALPHV) against its internal network in 2023, …
Tiri kuitwa kanyama kanyama guys, they are picking us off one by one.
We can’t stay on this road
Much has been said about cybersecurity, and most of us have heard these things but never really considered that we were targets. I don’t believe we will see any change in our organizations’ resilience unless and until the general public finally takes cybersecurity seriously.
I cannot count how many IT guys I’ve spoken to who say there is little they can do about grown human beings still clicking on links from unknown senders in their emails.
Drop a flash drive on the ground, even a 2GB one, and someone’s father will plug it into their work computer to check if it works so they can take it home.
If we still can’t take cybersecurity 101 tips seriously, we’re in deep trouble.
This explains why, when we talked about Google advising users to disable 2G on their phones because criminals are exploiting it and using false base stations to spam and spread malware, a good number of people thought Google was merely trying to get us to buy new equipment.
It also explains why, when one of the biggest financial institutions in the country was hacked, we quickly moved on to the EPL coming back.
At this point, it looks like we will only take this seriously when we personally suffer losses. That’s the hardest way to learn the lesson.
Below are a number of articles that touch on basic cybersecurity tips:
- Safeguarding data privacy: Top 10 tips for organisations in Zimbabwe
- You’re not too small to be a victim, protect your business from DDoS attacks
- As we celebrate Computer Security Day let’s remind each other of these good habits
- US$30 million lost to Ponzi schemes this year, here’s how you can spot these scammers
- How to protect yourself from massive cyber-attack #WannaCry FAQ
Share
Home
What’s your take?