Kenyan Small Businesses Experience 47% Increase in Cyber Attacks

When a small business owner is juggling production economics, financial reporting, and marketing, cybersecurity might seem complicated and, at times, pointless.

Cybercriminals, on the other hand, are taking advantage of this lack of concern for IT security. Researchers from Kaspersky compared the dynamics of assaults on small and medium-sized firms between January and April 2022 and the same time in 2021 to see which dangers are posing a greater threat to entrepreneurs.

When compared to the same period in 2021, the number of Trojan-PSW (Password Stealing Ware) detections in Kenya grew by 16 percent in 2022, with 12 639 detections compared to 10 934 in 2021.

Trojan-PSW is a piece of malware that collects passwords and other account information, allowing attackers to gain access to a company’s network and steal sensitive data.

Internet attacks, such as web pages with exploit redirects, sites with exploits and other harmful applications, botnet C&C centers, and so on, are another common attack method used against small enterprises in Kenya. In the country, the number of these attacks has climbed by 47 percent. Kaspersky researchers discovered 130 111 infections in the first four months of 2022, compared to 88 455 infections in 2021.

Many firms have implemented the Remote Desktop Protocol (RDP), a technology that allows computers on the same corporate network to be linked together and accessed remotely, even when employees are at home, as part of the shift to remote working. While the aggregate number of attacks on RDP in Kenya has fallen slightly, the danger remains a global concern. For example, there were around 47.5 million attacks in the first trimester of 2021 in the United States, compared to 51 million in the same period in 2022.

Having a unique security solution allows for attack visualization and gives IT administrators a useful tool for event analysis. The earlier they can figure out where and how a leak happened, the better equipped they’ll be to deal with any unwanted ramifications. Kaspersky Endpoint Security Cloud Pro is a new edition of Kaspersky Endpoint Security Cloud that includes advanced new features such as automated response options and an expanded range of security controls in a single solution. For IT professionals looking to improve their cybersecurity abilities and get the most out of their specialized security equipment, the Pro version offers built-in training.

Even small firms with minimal IT resources must safeguard all of their working equipment against cyber attacks, including computers and mobile phones. The revised Kaspersky Small Office Security is a critical tool for startups, small online retailers, and local businesses to safeguard all of their work equipment, safely transfer any valuable business-related files, and prevent becoming ransomware victims.

“Security measures must adapt to enable these sophisticated setups as the trend to remote working and the introduction of multiple new technologies into the daily operations of even small businesses continues.” Cybercriminals are already well ahead of the curve, to the point where practically every company will be breached at some point. It’s no more a question of if, but when, a cybersecurity catastrophe would strike a small business. According to Denis Parinov, a security researcher at Kaspersky, “having qualified workers and an educated IT professional is no more a luxury but a must-have aspect of your business development.”

To protect your business, Kaspersky recommends:

• Provide your staff with basic cybersecurity hygiene training as many targeted attacks start with phishing or other social engineering techniques.
• Using a protection solution for endpoints and mail servers with anti-phishing capabilities to decrease the chance of infection through phishing emails.
• Taking key data protection measures. Always safeguard corporate data and devices, including by using password protection, encrypting work devices, and ensuring data are backed up.
• Keeping work devices physically safe – do not leave them unattended in public, always lock them and use strong passwords and encryption software.