TAMING e-FRAUD
Kenya is among African countries facing a possible increase in cybercrime in 2021, according to Kaspersky, a global cybersecurity firm.
New data shows Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) detected 35.2 million cyber threat events between July and September 2020.
This represented a 152.9 per cent increase from the 13.9 million threat events detected in the previous quarter, according to data from the Communications Authority of Kenya,
Covid-19 pandemic has accelerated the uptake of e-commerce and cyber threats, with an increase of malware and web application attacks being detected.
Out of the 35.2 million cyber threats, 31,842,635 were malware compared to 12,508,275 recorded between April to June 2020. This represents a 154.6 per cent increase. 1,245,451 were DD0S/Botnet compared to only 267,931 recorded in the previous quarter – a 364.8 per cent.
A DDoS (Distributed Denial of Service) attack is a malicious attempt to make a server or a network resource unavailable to users.
It is achieved by saturating a service, which results in its temporary suspension or interruption.
Occasionally referred to as a “zombie army,” a botnet is a group of hijacked Internet-connected devices, each injected with malware used to control it from a remote location without the knowledge of the device’s rightful owner.
Web application attacks increased by 86.6 per cent to 2,057,369 from 1,102,840 the previous quarter. System vulnerabilities, however, reduced by 5.1 per cent to 28,482 from 30,023 between April and June.
During this period, there was also an increase in online abuse and online fraud cases reported to the National KE-CIRT/CC. National KE-CIRT/CC also received 354 requests from investigative agencies.
This was a 36.15 per cent increase in requests received as compared to 260 in the previous period of April and June 2020. During this period, there was an increase in child online abuse, online abuse, and online fraud.
Of these requests, 1.7 per cent related to child online abuse, 36.2 per cent being attributed to online abuse, and 27.4 per cent are linked to online fraud.
Kaspersky noted that Kenya is among African countries facing a possible increase in cybercrime in 2021.
“Thanks to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – something we already see,” Lehan van den Heever, Enterprise Cyber Security Advisor for Kaspersky in Africa, said.
Kaspersky security solutions in September 2020 reported 28 million malware attacks and 102 million detections of potentially unwanted programs (pornware, adware, among others), where South Africa, Kenya, and Nigeria were the most affected.
Co-operatives in Kenya especially Saving and Credit Co-operatives (Saccos), are among the major targets. Many have improved their digital services to serve members better. According to the World Council of Credit Unions (WOCCU), an increased focus on digitization will force credit unions (Saccos) and other financial co-operatives to navigate a complicated, intertwined, and often inconsistent set of regulations.
“And digitization plays a big part in some of the most complex and confusing regulations credit unions face. The increased use of cryptocurrencies and digital identity tools greatly impacts AML/CFT regulations. Meanwhile, data breaches, identity theft, and cyberattacks are all causing regulators to update privacy and open banking laws. We will continue to advocate that those regulators apply proportionality when looking at any new rules in these areas, so they are not overly burdensome or costly for smaller, community-based financial institutions,” said Andrew Price, WOCCU Vice President of Advocacy.
Kaspersky notes organisations must pay special attention to generic malware as it will likely be used to deploy more sophisticated threats. Compounding this is the concern around hackers-for-hire and cyber mercenary groups targeting SMEs and financial institutions.
The Communications Authority of Kenya has been implementing a cyber-security management framework to help wade off cyber-attacks.
To mitigate cyber threats and foster a safer Kenyan cyberspace, the government established the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC), a multi-agency collaboration framework that is responsible for the national coordination of cybersecurity, as Kenya’s national point of contact on cybersecurity matters.
The enactment of the Computer Misuse and Cyber Crimes Act of 2018 has gone a long way in strengthening this multi-agency collaboration framework, among other key facets that support national cybersecurity resilience.
The National KE-CIRT/CC detects, prevents, and responds to various cyber threats targeted at the country on a 24-hour, seven days a week basis, having commenced round-the-clock operations in 2017.
Sources: Communications Authority of Kenya and Co-op News team
