Zimbabwe is third most attacked country in the world because cybersecurity is a joke us

Leonard Sengere

State agents using phones

Zimbabweans are the type of people who would laugh at you if they saw a top-end safe in your home housing just $7.53. If you can’t handle ridicule, don’t try to go to a bank to deposit $4.

We have a terrible attitude when it comes to security. We’ve convinced ourselves that we are too poor to be targeted by criminals. The logic goes, what kind of criminal would waste time trying to pickpocket a failed state (hyperbole) and its struggling companies and institutions?

Well, the criminals have given us an answer. They’re not about to pass up a quick buck.

If you were a pickpocket and saw a guy with a $5 note hanging out of his pocket, would you ignore that to focus on the lady you saw shove $500 into a handbag? You’d grab the $5 and then turn your attention to the handbag.

Ladies and gentlemen, Zimbabwe is that guy with the $5 note hanging out of his back pocket. Our lax cybersecurity attitudes have come to bite us where the sun doesn’t shine. The thieves are coming for that $5 note.

Zimbabwe is third most attacked country

Reports show that Zimbabwe is the third most attacked country in the world. Check Point Software Technologies released the Global Threat Index for July 2024, revealing this concerning information.

Check Point measures how well a country’s cybersecurity defenses match up against the cyber threats it faces. It also considers the number of attacks and the number of impacted organizations within each country.

The gap/metric (Normalised Risk Index, or NRI) is given as a percentage. The bigger the gap, the more dire the situation.

Zimbabwe has an NRI of 77%. Sheesh. We are sitting ducks here. That’s good for 3rd in the world and second in Africa. Ethiopia is doing internet completely wrong, coming in with an NRI of 100%.

Our neighbours fare better. Zambia is 63rd with an NRI of 40.5%, while South Africa is 59th with an NRI of 42%.

These are bad scores. It’s just that Zimbabwe and Ethiopia are doing much worse.

What threats?

What’s really going on in Zimbabwe? Check Point has a live cyber threat map that shows just how active cybercriminals are. On this very day, there have been over 10.6 million attacks globally.

Focusing on Zimbabwe, we find that in the last 30 days, these are the malware type trends and the percentage of affected organizations:

It makes for grim reading. It shows that 17.1% of organizations were affected by Botnet attacks.

Elsewhere in the report mentioned above, we find that Phorpiex, known for orchestrating large-scale spam campaigns, has been particularly active in Zimbabwe and Mozambique.

It’s not just Check Point saying this, lest you think they were hired by economic saboteurs to smear the good name of Zimbabwe.

Interpol reports:

Worryingly, nearly half of the African countries surveyed reported ransomware attacks against their critical infrastructure between January 2023 and December 2023.

This includes attacks targeting government infrastructure, hospitals, financial institutions, and Internet service providers. To give a few examples, …. government institutions in Ethiopia, Senegal and Zimbabwe, and South African Internet service provider RSAWEB have all been subjected to ransomware attacks. Even the African Union faced a crippling attack from the BlackCat group (also known as ALPHV) against its internal network in 2023, …

Tiri kuitwa kanyama kanyama guys, they are picking us off one by one.

We can’t stay on this road

Much has been said about cybersecurity, and most of us have heard these things but never really considered that we were targets. I don’t believe we will see any change in our organizations’ resilience unless and until the general public finally takes cybersecurity seriously.

I cannot count how many IT guys I’ve spoken to who say there is little they can do about grown human beings still clicking on links from unknown senders in their emails.

Drop a flash drive on the ground, even a 2GB one, and someone’s father will plug it into their work computer to check if it works so they can take it home.

If we still can’t take cybersecurity 101 tips seriously, we’re in deep trouble.

This explains why, when we talked about Google advising users to disable 2G on their phones because criminals are exploiting it and using false base stations to spam and spread malware, a good number of people thought Google was merely trying to get us to buy new equipment.

It also explains why, when one of the biggest financial institutions in the country was hacked, we quickly moved on to the EPL coming back.

At this point, it looks like we will only take this seriously when we personally suffer losses. That’s the hardest way to learn the lesson.

Below are a number of articles that touch on basic cybersecurity tips:

6 comments

What’s your take?

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  1. Dzidzai

    A Big 5 IP from Fortinet and other related companies is a must for any organisation, I’m sure by now there are more advanced versions from the time I was in the corporate world.

    Gone are the days that the IT department was kept in the mail room and only called to plug in someone’s computer because it was was turning on.

    Its imperative that all government departments and agencies use .goz email domains instead of gmail, its a small investment that can save the country embarrassment and resources.

    A stitch in time saves 9

    Reply
  2. D.K.

    The thief will steal the $5 without thinking or planning. To steal the $500 the thief will have to consider that the person could be carrying a firearm, or there may be guards or bodyguards accompanying the person. The thief also knows the risk of stealing from those with large sums as they may be having easy connections with the authorities, and their money can afford them to get lawyers or bouncers and even hitmen! They also know that a lot of people do not report thefts and muggings, and the police are not interested in the small issues.
    Localisation, which blinkers us to not think beyond the boarders is the biggest threat. This has resulted in in international ICT companies and Audit Firms relocating to other countries or closing locally. Even the education system which has been localised seems to produce people who do not know or not care about what goes on outside our borders. Some of the countries and foreign companies we have large contracts with leave a lot to be desired if one gets basic information about the countries and companies that is readily available on the internet.
    We have a computer society and an internet society in the country but, like SADC, only the membership may be benefitting as they seem to be making themselves exclusive by not letting others tell about what they do.

    Reply
  3. Dzidzai

    Guys we have some of the best skills in the world. The lads pa ma grinder pa Unit J Water land are impressive. Come buy your gates here with fair pricing.

    Unfortunately our education system excluded them, either by income or other factors, but they can use their hands.

    In convinced these guys can make a bit that floats for our navy, even a mini sub, grinding and welding at its best.

    Brown Engineering Group (Prince Edward School Old boy)
    GDI Engineering Msasa (House boats can be patrol boats)

    Reply
  4. Mimi

    The offensive tone and wording leaves much to be desired.
    Are you Zimbabwean?
    Why do you have so much self hate?

    And next time please use recognized sources with proven Cases.

    Reply
  5. Anonymous

    what about the extremely poor practice which seems to be widespread of having everyday users accounts at administrator level?? Worse is that service providers/ fiscal support people all want to install software that doesnt operate properly when not run as admin or needs admin approval to run in the first place. The whole practice of IT as a whole needs to be fixed as well as the poorly engineered software that is being installed. The fiscal software is the WORST

    Reply
  6. Anonymous

    Maybe because we are top 3 country in piracy.
    Most people in Zimbabwe do not by music, Games or software it’s all piracy that’s why we always get attacked
    Imagine downloading a cracked windows software,cracked anti-virus software, cracked Call of Duty.

    Reply
Share
Home
Exit mobile version