In the past week, the Kenyan government has been on high alert as hackers attempted to breach its websites, resulting in significant service disruptions for citizens. The cyber attackers also targeted the private sector, causing concerns about the nation’s cybersecurity infrastructure. Fortunately, the government’s cybersecurity measures proved successful in thwarting the attack on their service portals.
The hacking attempt on government websites involved a sophisticated method of overloading the systems through an influx of extraordinary requests, aiming to clog the servers. ICT Cabinet Secretary Eliud Owalo confirmed that the attack was unsuccessful in gaining unauthorized access to sensitive government information. However, the sheer volume of malicious traffic caused over 5,000 government services from more than 100 ministries, counties, departments, and agencies on the e-citizen platform to become inaccessible during the period of attack.
Not only did the government suffer from cyber threats, but major utility service providers also faced disruptions due to network breakdowns. Kenya Power issued a statement acknowledging a system failure stemming from a network breakdown at its service provider. Similarly, Safaricom, a leading telecommunications company, experienced interruptions in its services, affecting important functions such as Lipa na M-Pesa, Mshwari, and Bank to M-Pesa service.
The scale of cyber threats in Kenya has been a cause for concern in recent months. Between January and March of this year, the Communications Authority of Kenya (CA) detected a staggering 187,757,659 cyber threats within the country and issued 3,584,966 advisories to counter these malicious activities. The majority of the threats were related to web application attacks, with 128,514 detected during the specified period. Additionally, 26,400,530 instances of malware and Distributed Denial of Service (DDoS) attacks were also recorded.
Leading cybersecurity experts, including PwC, have identified cybercrime as the most disruptive economic crime globally. The rapidly advancing techniques employed by cyber criminals have led to fewer but more lucrative attacks, posing a significant challenge for businesses and governments alike. PwC’s 2022 Global Economic Crime and Fraud Survey highlighted that the COVID-19 pandemic accelerated the adoption of technology platforms in various organizations, particularly in small and medium-sized enterprises (SMEs). While this technological shift offers numerous benefits, it also exposes organizations to new and evolving cyber risks, necessitating robust measures to protect against potential financial, reputational, and regulatory damage resulting from cyber attacks.
Looking forward, cybersecurity authorities in Kenya and private sector entities will need to collaborate closely to strengthen their defenses against cyber threats. A proactive approach to identifying and mitigating vulnerabilities, along with investments in cutting-edge cybersecurity solutions, will be crucial in safeguarding the nation’s critical infrastructure and maintaining the smooth functioning of digital services for its citizens.