CA highlights IoT Security Breaches as Cybersecurity Awareness Month is marked

By Steve UMIDHA

During National Cybersecurity Awareness Month, there is a renewed commitment to safeguarding data and technologies from malicious hackers and cyber threats, calling upon citizens to enhance their cybersecurity knowledge. Additionally, there is a pledge to ensure that Kenya can fully benefit from the positive impacts of the digital future.

As the use of IoT devices continues to accelerate, a new concern by the Communications Authority of Kenya (CA) has highlighted the growing cybersecurity risks facing enterprises that fail to properly secure their connected devices.

In a statement to commemorate the 2024 October Cybersecurity Awareness Month (OCSAM), CA’s Director – General David Mugonyi noted that attackers also leveraging IoT and Artificial Intelligence (AI) tools to harvest credentials from device firmware. Adding that, using these credentials, aggressors can gain access to corporate networks or other systems storing sensitive data.

“System vulnerabilities remain the weak link with increased use of Internet of Things (IoT) gadgets, many of which are intrinsically unsafe. Other weaknesses include incorrect set-up of systems, outdated software and the changes brought about by emerging technologies like Artificial Intelligence (AI),” said Mugonyi.

Adding that, the Authority has in the last four years spearheaded national commemorations for OCSAM, through various initiatives geared at enhancing national cyber readiness and resilience.

Over time, the number, sophistication and severity of cyberattacks against Kenya’s vital information infrastructure sectors has exponentially risen. In the fiscal year ended June 2024, there were more than 3.5 billion attacks directed at the nation, with more than 90% of these incidents exploiting system vulnerabilities.

Kenya continues to seek strategic engagements in cross-cutting issues in cybersecurity governance, capacity and capability development, information sharing and cyber incident response.

In commemoration of this year’s OCSAM, Kenya and the United States, in collaboration with the Software Engineering Institute (SE1) plan to hold a regional event in October 2024 dubbed, “The African Regional Cyber Sector Collaboration Symposium ” to engender information-sharing frameworks between cybersecurity incident response teams for a more resilient cyberspace in Africa.

The 2024 OCSAM takes place against the backdrop of Kenya’s Tier 1 ranking in the International Telecommunications Union (ITU) Global Cybersecurity Index (GCI). This global recognition demonstrates the country’s leadership, commitment, readiness and resilience in cybersecurity.