Cybersecurity personnel in big and small organizations worldwide have faced the threat of backdoor hacking, and for many, the threat is mounting. In South Africa, Kenya and Nigeria, studies showed a significant increase in the number of backdoor computer malware attacks detected in Q2 2022. The malware has hit new records and continues to pose challenges to cybersecurity professionals in enterprise and government agencies.
A backdoor is one of the most dangerous types of malware, defined as any kind of access that allows unauthorized user entry into our devices via hardware/firmware alterations or software corruption using malware files, including spyware, rootkits, trojans, ransomware and so on.
Recently researchers discovered a hard-to-detect backdoor dubbed SessionManager that targeted governments and NGOs around the globe. This backdoor was set up as a malicious module within the Internet Information Services (IIS), a popular web server edited by Microsoft. From collecting emails to gaining complete control over the victim's IT infrastructure, SessionManager can enable a wide range of malicious activities.
South Africa saw the most significant increase in backdoor detections from Q1 to Q2 – by 140% to 11,872 cases, with the share of affected users increasing by 10%. It was followed by Nigeria, where backdoor detection saw a significant increase of 83% to 2,624 cases, with the share of affected users increasing by 24%. In Kenya, the number of detections increased in Q2 to 10,300 (up 53% from Q1), and the share of affected users increased by 11%.
“Backdoors enable a series of long unnoticed cyberespionage campaigns, which result in significant financial or reputational losses and may disrupt the victim organization’s operations. Corporate systems should be constantly audited and carefully monitored for hidden threats,” according to research.