We’ve been hacked! What do we do? A simple guide to being safe

This is likely a common concern for many in Kenya. But the impact of the cyberattack could be more severe.

To increase awareness among the public, there needs to be continuous efforts to simplify the technical language used in cybersecurity. It is essential to communicate this information in a way that is easily understandable for non-tech-savvy individuals. In my opinion, there is a need to improve cyber awareness among the public to better protect personal and financial information.

Below are some steps which an individual could use to protect themselves.

Be wary of phishing emails and calls. Phishing emails are unsolicited emails seeking to gather more information about the recipient. Cybercriminals often use phishing emails and calls to trick people into giving out their personal information. Be cautious of any unsolicited emails or calls that ask for your personal or financial information.

Monitor your accounts. Keep a close eye on your bank accounts and credit cards for any unauthorised transactions. If you notice any suspicious activity, report it to your bank or credit card company immediately. In this case, it is advisable to replace your credit cards.

Difficult to guess

Change passwords. It is advisable to change your password immediately you suspect foul play. Use strong and unique passwords that are difficult to guess for any accounts which you suspect have been compromised. Having two modes of authentication to access your account is best—a password and a one-time code sent to your phone.

Keep software up-to-date. Make sure that you are running the latest version of your operating system and software. This can help to protect your devices from known vulnerabilities that cybercriminals can exploit.

Educate yourself on cybersecurity. Take the time to educate yourself on cybersecurity best practices. There are many resources available online that can help you to understand the risks and how to protect yourself.

As a country, we may need to run cyber awareness campaigns to reach all citizens on the various available media. Furthermore, it is not just individuals who need to be aware of cybersecurity risks but also businesses and organisations.

Companies should have strong cybersecurity measures in place. These include having properly trained dedicated personnel in charge of cybersecurity, properly configured firewalls, up-to-date antivirus software and regular backups of important data. They should also provide regular cybersecurity training to their employees and have a plan in place to respond to cyberattacks should they occur.

Employees of organisations need to ensure that, additionally, using a virtual private network (VPN) when accessing the internet from public places, such as cafes or airports, can help to protect against cyberattacks.

In terms of improving cyber awareness among the general public, running cybersecurity campaigns on various media platforms can be effective. These campaigns should use simple and clear language to explain the risks and how to protect against them. Collaboration between the government, private sector and civil society organisations can also be helpful in promoting cybersecurity awareness and education.

- Ms Mwai is an assistant director of ICT at KeNHA. [email protected].