Hello

Your subscription is almost coming to an end. Don’t miss out on the great content on Nation.Africa

Ready to continue your informative journey with us?

Hello

Your premium access has ended, but the best of Nation.Africa is still within reach. Renew now to unlock exclusive stories and in-depth features.

Reclaim your full access. Click below to renew.

Cyberattacks rise by 47.5m on shift to online banking, remote working

Cyberattacks

Cyberattacks increased by 47.5 million last year as hackers exploited new vulnerabilities caused by the rapid shift to digital services including online banking, e-commerce and remote working.

Photo credit: Shutterstock

Cyberattacks increased by 47.5 million last year as hackers exploited new vulnerabilities caused by the rapid shift to digital services including online banking, e-commerce and remote working.

The Communications Authority of Kenya (CA) said the country’s transition to a digital economy has attracted the attention of increasingly sophisticated cybercriminals locally and globally.

CA data shows the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) detected 43 per cent more cyber threats or 158.4 million in the year to June 2021 up from 110.89 million in 2020.

The National KE-CIRT/CC, which was launched in August 2017 and operates day and night throughout the year, is charged with detecting, preventing and responding to various cyber threats and is equipped with state-of-the-art systems to stop cyberattacks.

“This surge in cyber threats directed at local targets was attributed to increased internet penetration, uptake of e-commerce and cloud-based services to support remote working as well as a rise in the use of social media,” said CA.

Effects of Covid-19 pandemic

The onset of the Covid-19 pandemic has seen a rapid shift to remote working, e-commerce, online banking as well as digitisation of government services. The data shows malware attacks, including ransomware attacks, shot up 20 per cent during the period to 122.5 million up from 101.6 million in the previous year with criminals targeting the increasing availability of data of their would-be victims to infect their systems with malicious software.

At the same time, distributed denial of service (DDoS) attacks grew more than ten times to 17.6 million attacks up from just 1.4 million such attacks the previous year.

Cyberattacks on web applications also more than doubled to 16.2 million up from 7.6 million due to the increased adoption of mobile apps. CA said cybercriminals take on various forms including insiders, hacktivists, organised cybercriminals, cyber terrorists and even state-sponsored threat agents.

Complex systems and techniques

CA warned individuals and organisations to be on high alert as the hackers are increasing using complex systems and techniques to carry out their attacks.

“The country is facing the risk of escalation of data breaches and theft of proprietary information, financial loss, reputation loss, and destruction of equipment, denial of services, unauthorized access to critical systems and theft of Personally Identifiable Information (PII).”

CA is issuing more advisories to organisations on detected cyber threats.

The agency issued 93,860 advisories to firms targeted for cyber-attacks, an increase from 71,375 in the previous year and a sharp rise from just 164 advisories issued in the year to June 2017.

Sim-swap criminals

This comes at a time Kenyans are increasingly getting concerned over Sim-swap criminals who are using sophisticated technologies to empty their victims’ mobile money wallets and banks accounts dry.

The fraud focuses on shifting control of the victim’s phone account from their Sim card to one controlled by the hacker.

Kenyans are now piling pressure on the three leading telcos — Safaricom, Airtel Kenya and Telkom Kenya — to strengthen the authentication and security measures governing the registration and replacement of mobile phone numbers.

This week, Safaricom told their customers to use strong passwords, keep their personal information off social media and activate anti-swapping by dialling *100*100#.