CONTACTS: +254 726879488 (Mobile)
+254770 455 116 (Office)
Get real time updates directly on you device, subscribe now.
By Steve UMIDHA
The danger of cybercrime and security breaches looms over several Kenyan businesses like a slow-moving storm.
In 2023, between October and December, the Communications Authority of Kenya (CA) says ransomware actors intensified their operations, targeting high-profile institutions and critical infrastructure, including hospitals, schools, and government agencies.
During the three-month period, CA in alliance with other agencies, detected over 1.2 billion cyber threat events, which represented a 943.01% increase from the 123 million threat events detected in the previous period (July to September 2023).
It attributed that rise to enhancement of “our cyber threat monitoring capabilities and the existence of vulnerable systems due to system misconfigurations.”
“Further, the increased exploitation of “system vulnerabilities” is also aligned to global trends, and relates to the global surge in the deployment and use of Internet of Things (IoT) devices which are inherently insecure,” it said.
The report also found that malware propagation surged during that period, infiltrating systems with harmful software, while phishing attacks became even more prevalent, targeting unsuspecting users through deceptive emails and websites.
The authority, in its findings also noted that hackers commonly targeted to steal user logins, credit card credentials and other types of personal and financial information, as well as gain access to private databases – a common leitmotif, judging by the worrying tendency, may well persist.
During the period under review, the National KE-CIRT/CC detected 13,221,698 malware threat attempts targeting critical infrastructure service providers – a 75.94% increase from the previous period, July to September 2023.
Majority of the attacks targeted organisations within the ICT sector as well as end-user devices, web applications and networking devices belonging to Internet Service Providers (ISPs) and cloud-based services.
“Most attackers exploited phishing campaigns and worms, which is a type of computer virus,” said CA’s Board Chairperson Mary Mungai.
Companies started reporting increased instances of pony-trekking, mainly through password compromises, due to the unprecedented changes in the way firms and their staff were forced to do business (working from home) particularly during the Coronavirus pandemic.
Password compromises and insider threats are considered the biggest cyber threats.
In response to the detected cyber threat events, the National KE-CIRT/CC says it issued 8,061,267 advisories during that period, which represented a 44.44% increase compared to the 5,580,972 advisories that were issued in a corresponding period, July to September 2023.
“There was a significant increase in the number of advisories related to system attacks during this period, with the advisories aimed at guiding users on keeping system software up to date, including regular patching of vulnerable systems, using strong passwords and multi-factor authentication, and hardening of firewall configurations,” it noted.
Unsurprisingly, social media platforms Facebook, X (formerly Twitter), Telegram, Instagram, YouTube, TikTok, Google, WhatsApp and various blogs, were the top podia that cyber threat actors leveraged to carry out diverse online harms whose objectives included stealing sensitive data, youth radicalization, reputational damage to individuals, revenge attacks and for financial benefit.
Most of the cases of impersonation reported to the National KE-CIRT/CC during the period were majorly committed on Facebook, X, Telegram, Instagram and TikTok, with the motive being mainly political, revenge attacks and for purposes of propagating fraud.
Victims reported to have lost money and consumer goods through these impersonating accounts. Also notable during this period was the use of Telegram by kidnappers to demand ransom, in an attempt to force the victims’ families to pay.
Financial Fortune is a digital financial news website and print business magazine published in Nairobi by Fortune & Transit Publishers Ltd and covers the financial services sector through news, views and extensive people coverage since 2018.
Recover your password.
A password will be e-mailed to you.