By Winnie Kamau
Nairobi, Kenya: Over 800 Million cyber threats aimed at Kenya’s Critical Information have been detected. This comes after Kenya experienced the worst Cyber Attack in July 2023 for the last 2 decades of Digital advancement. A cyber attack that saw the crippling of Government online Services like never before which left millions of its customers in disarray as they continued to figure out where they would get help. The DDOS attack almost brought the whole nation to a standstill while the recovery rate is still being felt now.
In the last two decades of digital growth, Kenya has encountered a significant increase in cyber threats, with over 800 million attacks targeting critical information. The worst cyberattack in Kenya’s history occurred in July 2023, severely disrupting government online services and leaving millions of customers in disarray. This Distributed Denial of Service (DDoS) attack nearly paralyzed the entire nation, and its effects are still being felt during the recovery process.
Christopher Wambua, The Former Ag.Director General of the Communications Authority (CA), as the ICT sector regulator, acknowledged the transformative power of innovation and technology, serving as the catalysts for social and economic development.
“You will agree with me that in the past two decades, we have witnessed wave after wave of technology transformation that has changed both production and consumption trends, and opened up new horizons in the development of innovative ICT solutions and applications. These developments clearly show that innovation and technology are the drivers of our social and economic development” said Christopher in his statement.
ICT has stood as the cornerstone of Kenya’s socio-economic progress, driving the nation toward its vision of a digitally transformed future. However, within the brilliance of this digital revolution lurked the shadows of a darker underbelly—cyber threats targeting critical information infrastructure, advanced social engineering, and online fraud.
Christopher unveiled the alarming reality of Kenya’s cyberspace. From July 2022 to June 2023, the National KE-CIRT/CC detected over 855 million cyber threats aimed at the heart of Kenyan critical information infrastructure. This unsettling revelation catapulted Kenya into the top three most targeted countries in the region, standing alongside South Africa and Nigeria. In response, the National KE-CIRT/CC issued a staggering 23,194,321 cyber threat advisories, a digital shield protecting the nation’s vital infrastructure.
“However, we are also cognizant of the underbelly of this digital transformation. Whether this takes the form of cyber attacks targeting critical information infrastructure, or advanced social engineering and online fraud, our citizenry are more exposed to online harms in the digital world.Indeed, Kenya’ s cyberspace is characterized by an increase in the frequency, sophistication and scale of cyber attacks targeted at our country” asserted Christopher.
Amidst this cyber battleground, the Authority took the helm, leading the national commemoration of October Cyber Security Awareness Month (OCSAM) under the theme ‘The Paradox of Progress: Securing a Digital Nation.’ Kenya joined hands with global counterparts, engaging stakeholders to fortify its cyber readiness and resilience.
A pivotal initiative emerged on the horizon— the 2023 CA Cybersecurity Bootcamp and Hackathon Series. This capacity-building endeavor targeted students, envisioning them as the future guardians of Kenya’s cybersecurity. The series unfolded nationally in Nairobi, Kisumu, Eldoret, Mombasa, and Nyeri, captivating the passion and engagement of students across the country. Fueled by this enthusiasm, plans were set in motion to expand the initiative to more counties.
The Authority’s investment in building the cybersecurity workforce echoed the urgency of securing Kenya’s cyberspace amidst an expanding attack surface. Recognizing the multifaceted nature of the challenge, efforts extended to frontline cybersecurity personnel, cyber awareness campaigns for citizens, and mentoring the next generation of cyber defenders through collaboration with academia, counties, and partners.
The second leg of the 2023 CA Cybersecurity Bootcamp and Hackathon Series involved study tours among Critical Information Infrastructures (CIIs) and industry leaders, coupled with mentorship for the series’ top performers. An invitation was extended to organizations from both public and private sectors to join in mentoring and placing the 2023 cohort.
As the OCSAM commemoration drew nearer, Christopher Wambua underscored a critical truth -cyber security starts at the individual level. Collaboration, he emphasized, was the key to enhancing the collective cyber posture. An open invitation resonated across public and private sectors, as well as civil society, urging them to join in creating awareness on cyber safety and fortifying the digital resilience of the nation.
In the period from July to September 2023, the National KE-CIRT/CC detected a total of 123,899,936 cyber threat events. This represented an 11.36% decrease from the 139,775,123 threat events detected in the previous period, from April to June 2023. The decrease was attributed to ongoing cyber awareness and capacity building efforts by the National KE-CIRT/CC, as well as the increased adoption of digital signatures in the country, facilitated by the licensing of four additional accredited Electronic Certification Service Providers (E-CSPs).
Despite the overall decrease in cyber threats, the impact of web application attacks was significant. One notable incident was the eCitizen DDoS attack, which led to the unavailability of online public services.
In response to the detected cyber threat events, the National KE-CIRT/CC issued 5,581,354 advisories between July and September 2023. This was a 48.05% decrease compared to the 10,742,859 advisories issued during the previous period from April to June 2023.
There was a significant increase in the number of advisories related to Brute Force attacks during this period. These advisories served to caution against the continued use of default and weak passwords on sensitive systems, such as IoTs and internet-enabled CCTV systems. In addition, the National KE-CIRT/CC issued advisories on Zero trust, anti-DDoS, updating of info security policies, the need for regular backups, cyber awareness, and the need to update software to patch known vulnerabilities.
When comparing the local cyber threat landscape to global trends, it appears that Kenyan Critical Information Infrastructures (CIIs) are more vulnerable to system attacks compared to the global average. This vulnerability can be attributed to lower levels of cybersecurity investment by CIIs and the use of outdated systems, which increases the risk of system attacks by both local and international cyber criminal rings.
During the three-month period from July to September 2023, the National KE-CIRT/CC detected 7,514,964 malware threat attempts targeting critical infrastructure service providers. This represented a 39.11% decrease from the last period from April to June 2023. This data underscores the ongoing challenges and complexities in managing cybersecurity threats, and the importance of continuous vigilance and proactive measures in this area.
With the appointment of the New Director General of CA, David Mugonyi, it is yet to be known how the outlook of 2024 will be and if his push as a newbie will be on rallying the Government to heavily invest in the Critical Information Infrastructure in the country.
