By 
Participating in the Connected Banking East Africa Summit 2025, that took place on 12 March in Nairobi, Kenya, Kaspersky has underlined the need for an active cybersecurity strategy and a stage-by-stage cybersecurity approach in the financial industry. The company’s experts talked about the trends in the financial sector that pose cybersecurity risks and should be kept in mind by IT specialists, including AI-powered automation, open banking, cloud-based banking, regulatory technology, and digital currencies.
RELATED: Financial impact of cybercrime
Kaspersky’s latest threat intelligence data underscores the rising frequency and sophistication of cyber threats: in 2024, globally 467,000 malicious files were detected by Kaspersky daily, marking a 14% increase from the previous year. In Kenya ransomware attacks surged by 19% in 2024 compared to the previous year, the number of detected exploits rose by 55% and password stealers’ attacks grew almost 10%. In this threat landscape, the financial industry, undergoing rapid digitisation, remains one of the most targeted sectors for cyberattacks.
Another reality is that the crimeware ecosystem has become increasingly dynamic and adaptable, with affiliates adopting a “multi-platform” approach. Cyber attackers spread their operations across regions. For example, Kaspersky warned of the Grandoreiro banking trojan expanding from Latin America to Asia and Africa. In 2024, the threat targeted more than 1,700 financial institutions and 276 cryptocurrency wallets across 45 countries and territories. Among countries affected in Africa were Kenya, along with Algeria, Angola, Ethiopia, Ghana, Ivory Coast, Mozambique, Nigeria, South Africa, Tanzania, and Uganda.
“The finance sector’s inherent value and rapid digitisation make this sector one of the prime targets for cybercriminals. Breaches in the financial sector are considered the world’s second costliest after the healthcare industry,” said Bethwel Opil, Enterprise Client Lead at Kaspersky in Africa. “Financial institutions across East Africa need to evolve their security strategies to safeguard customers and protect critical assets. This includes securing endpoints, network and data; acquiring threat intelligence and raising cyber security awareness.”
In his presentation at the Summit, Andrey Semenyuchenko, Head of Corporate Security Solutions at Kaspersky, provided insights on emerging threats and protection strategies for financial institutions. AI-powered technologies help businesses to streamline operational processes and improve customer satisfaction. While at the same time AI is used by attackers to compromise organisations, for example in streamlined phishing attacks that gather sensitive data and deliver ransomware. Finance is the most impacted sector by Business Email Compromise attacks in Africa. AI-powered deepfake schemes is another problem, as they lead to the bypassing of biometric authentication and human errors.
Fraudulent schemes targeting payment systems is another cybersecurity issue that should be considered by financial institutions. Banking trojans target real-time payment systems and implement clipboard monitoring as a way of changing keys and stealing payments. According to Kaspersky statistics, the number of Trojan banker attacks on smartphones surged globally by 196% in 2024 compared to the previous year. Fake instant payment apps used to carry out different kinds of scams are also on the rise.
“Cybercriminals exploit vulnerabilities in open banking infrastructure, digital transactions, and cloud-based banking. In the context of the rise of AI-powered fraud, deepfake scams, and targeted phishing campaigns, finance organisations need a holistic cybersecurity strategy,” said Semenyuchenko. “By adopting active cybersecurity measures, including a multi-layered security strategy that incorporates extended detection and response (XDR) solutions, and by integrating advanced threat detection, AI-driven monitoring, and cybersecurity education, financial organisations can significantly reduce their risk exposure.”
