by SAVIOUS KWINIKA
JOHANNESBURG – SOUTH Africa has the unenviable record as the country worst affected by ransomware-related data leaks in the continent over the past year.
With 21 leaks, it is second only behind Israel (23) in the Middle East and Africa (MEA) region during the period.
Group-IB, a global cyber security company specialising in the investigation and prevention of these crimes, published the statistics.
In the MEA region, 150 companies had their information leaked on dedicated leak sites (DLS) during the reporting period.
Other affected countries in Africa were: Egypt (6 companies), Morocco (3), Angola (2), Botswana (2), Nigeria (2), Zambia (2 companies), Ivory Coast (2), and Burkina Faso, Congo, Ethiopia, Mali, Senegal, Tanzania and Tunisia (all 1).
The most active ransomware gang in the MEA market was Lockbit, responsible for 37 percent of publications of victims’ data from the region on designated leak sites.
Second in this list was Conti, a Russian-speaking ransomware group that launched the devastating ARMattack campaign at the end of 2021, which was responsible for 12 percent of leaks and third was Hive (4 percent).
According to Group-IB’s research, the number of companies that had their information uploaded onto DLS between the second half (H2) of 2021 and the second half (H2) of 2022 was up 22 percent year-on-year to 2 886, which corresponds to eight companies having their data leaked online every single day.
Dmitry Volkov, CEO at Group-IB, said it is worth noting that the number of victims whose data was published in the wake of ransomware attacks in H2 2020 – H1 2021 was 935 percent up from the preceding year.
“As a result, the 22% year-on-year growth seen in the observed period suggests that the Ransomware-as-a-Service market has passed the phase of rapid growth and is now beginning to stabilize,” he said.
– CAJ News