New ISP, Surf intensifies Kenya spot

ISP Surf intensifies Kenyan spot

Firm will pursue mergers with IT companies.

Monday, Nov 20th

South Africa, Ivory Coast top list of African WannaCry ransomware targets

South Africa, Ivory Coast top list of African WannaCry ransomware targets

WannaCry, the ransomware campaign that has wreaked havoc globally, has reached a total of 34,300 attack attempts in 97 countries according to research conducted by Check Point Software Technologies.

Data compiled by another security company Fortinet shows that South Africa leads the pack among the African countries affected followed by Ivory Coast and Nigeria.

Egypt, Algeria and Morocco complete the top six countries, while only a small number of attacks have been located in the rest of the continent.

Simon Bryden, a consulting systems engineer at Fortinet, compiled the data on how the attacks have progressed on the continent.

"Total hits on the Microsoft vulnerabilities (those patched by the Microsoft patch MS-17-010) over the last 7 days are around 1500 which is very low compared with the global number. Of course, there are potentially other attack vectors (for example email delivery) although no-one has been able to confirm this so far. There is also the entry via the DoublePulsar backdoor which is not counted here because this has also used for other attacks and would skew the numbers. In summary, South Africa and Cote D'Ivoire saw the brunt of the attacks. The most attacked vertical was healthcare, similar to what was seen in the UK, and large companies were also the most targeted."

A breakdown of WannaCry by vertical from the results of Fortinet's research shows transport & logistics is second to Healthcare followed by food & beverage with media/communications in fourth place.

Rick Rogers is the Area Manager for East and West Africa at Check Point Software Technologies. The company found that the top country from where attack attempts were registered is India, followed by the USA and Russia.

"Although we see it slightly slowing down, WannaCry is still spreading fast, targeting organisations across the world. WannaCry is a wake-up call, showcasing how damaging ransomware can be and how quickly it can cause disruption to vital services."

Check Point researchers found that those affected by WannaCry are unlikely to retrieve their files, even if they do pay the ransom. The researchers say a problematic payment and decryption system and false demo of the decryption operation puts into question the capability of WannaCry's developers to deliver on their promises to decrypt files.

The three bitcoin accounts associated with the WannaCry campaign have accumulated approximately US$77,000 according to the research, although unlike many other ransomware types, not a single case has been reported of anyone receiving their files back.

ALSO ON ITWEB AFRICA

Egypt's ICT Ministry looks for new international partners Published on 31 October 2017

North African country's new ambassadors to Russia and Serbia urged to prioritise mutual cooperation in ICT.

South Africa, prepare for more cyber attacks Published on 14 November 2017

Fortinet's message to the market is that the responsibility to govern security and its portfolio across the company is no longer confined to only a section of the board.

PartServe is now an authorised spare parts distributor for Samsung printers Published on 20 November 2017

PartServe has announced that it has been appointed as the authorised spare parts distributor for Samsung printers in South Africa in an extension of an existing agreement with Hewlett Packard.

Nigeria's recession 'a blessing in disguise' for tech-focused firms Published on 07 November 2017

Oracle's regional manager explains why cloud, IoT and robotics continue to make a difference.