Kaspersky Security Network data for corporate users show that the number of backdoor computer malware detected in Q2 2022 in South Africa, Kenya and Nigeria increased significantly compared to the previous quarter, hitting new records and posing challenges to cybersecurity professionals in enterprise and government agencies.
Dr. Amin Hasbini, Head of Global Research and Analysis Team (GReAT), Middle East, Türkiye and Africa region at Kaspersky said that Backdoors enable a series of long unnoticed cyberespionage campaigns, which result in significant financial or reputational losses and may disrupt the victim organization’s operations. He recommended that corporate systems should be constantly audited and carefully monitored for hidden threats.
“Threat intelligence powers Kaspersky Anti Targeted Attack platform, with which is an ultimate endpoint detection and response solution that delivers all-in-one protection against complex and targeted attacks. It gives cybersecurity teams full visibility of the network, web, email, PCs, laptops, servers and virtual machines in public clouds”.
Dr. Amin Hasbini
Dangers of A backdoor
A backdoor is one of the most dangerous types of malware. Backdoors provide cybercriminals with remote administration of a victim’s machine. Unlike legitimate remote administration utilities, backdoors install, launch and run invisibly, without the consent or knowledge of the user.
Once installed, backdoors can be instructed to send, receive, execute and delete files, harvest confidential data from the computer, log activity and more.
Recently, Kaspersky discovered a hard-to-detect backdoor dubbed SessionManager that targeted governments and NGOs around the globe.
This backdoor was set up as a malicious module within the Internet Information Services (IIS), a popular web server edited by Microsoft. SessionManager enables a wide range of malicious activities from collecting emails to complete control over the victim’s infrastructure. First leveraged in March 2021, this backdoor hit government institutions and NGOs in Africa, South Asia, Europe and the Middle East. Many of the targeted organizations remain at risk.
South Africa saw the most significant increase in backdoor detections from Q1 to Q2 – by 140% to 11,872 cases, with the share of affected users increasing by 10%.
It was followed by Nigeria – backdoor detection saw a significant increase of 83% to 2,624 cases, with the share of affected users increasing by 24%. In Kenya, the number of detections increased in Q2 to 10,300 (53% increase from Q1), and the share of users affected by backdoors increased by 11%.
Protecting organizations against backdoors
Kaspersky experts recommend that organizations should focus their defense strategy on detecting lateral movements and data exfiltration to the Internet and pay special attention to outgoing traffic to detect cybercriminal connections.
It also urged organizations to back up data regularly and make sure that they can quickly access it in an emergency. It encouraged organizations to use a solution like Kaspersky Anti Targeted Attack with extended EDR at its core, which helps to identify and stop backdoor attacks in the early stages, before the attackers achieve their goals.
“Use a reliable endpoint security solution, such as Kaspersky Endpoint Security for Business (KESB) that is powered by exploit prevention, behaviour detection and a remediation engine that is able to roll back malicious actions. KESB also has self-defense mechanisms that can prevent its removal by cybercriminals”.
Kaspersky
Kaspersky is a global cybersecurity and digital privacy company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe.
The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and it helps 240,000 corporate clients protect what matters most to them.
READ ALSO: MPC To Hold An Emergency Meeting Today To Review Recent Developments In The Economy