Zambia has the highest risk profile, with Nigeria in second position. Uganda, Malawi, and South Africa are ranked 7th, 8th, and 9th respectively. South Africa, in particular, demonstrated a significant jump in ranking, having moved up from 22nd position since last month.
The Index also revealed that more than one in four organisations globally was affected by the Fireball or WannaCry attacks during May.
Two of the top three malware families that impacted networks globally were zero-day, previously unseen attacks. Fireball impacted one in five organisations worldwide, with second-placed RoughTed impacting 16% and third-placed WannaCry affecting nearly 8% of organisations globally. The two malware variants, Fireball and WannaCry, rapidly spread worldwide throughout the month of May.
The most prevalent malware highlight the wide range of attack vectors and targets cyber-criminals are utilising, impacting all stages of the infection chain. Fireball takes over target browsers and turns them into zombies, which it can then use for a wide range of actions including dropping additional malware, or stealing valuable credentials.
By contrast, RoughTed is a large-scale malvertising campaign, and WannaCry takes advantage of a Windows SMB exploit called EternalBlue in order to propagate within and between networks. WannaCry was particularly high profile, bringing down a myriad of networks worldwide.
In addition to the top three, there were also other new variants of malware seen within the top ten of the index including Jaff (8th) another form of ransomware, demonstrating how profitable this particular attack vector is proving for malicious parties.
*The arrows relate to the change in rank compared to the previous month.
In mobile malware, Hummingbad returned to the top of the list and was closely followed by Hiddad and Triada:
Commented Rick Rogers, area manager for East and West Africa at Check Point Software Technologies: "Organisations need to remember that the financial impact from cyber attacks goes way beyond the initial incident. Restoring key services and repairing reputational damage can be a very long and expensive process. As such, organisations in every industry sector need a multi-layered approach to their cybersecurity. Our SandBlast Zero-Day Protection and Mobile Threat Prevention, for example, protect against the widest range of continually evolving attack types, and also protect against zero-day malware variants."
Check Point's Global Threat Impact Index and its ThreatCloud Map is powered by Check Point's ThreatCloud intelligence, the largest collaborative network to fight cybercrime which delivers threat data and attack trends from a global network of threat sensors. The ThreatCloud database holds over 250 million addresses analysed for bot discovery, more than 11 million malware signatures and over 5.5 million infected websites, and identifies millions of malware types daily.