Cyber crooks hijack Kenya’s coveted digital revolution

September 24, 2018 12:56 pm28 comments
Riaan Badenhorst - Kaspersky Lab

Riaan Badenhorst – Kaspersky Lab

from MARIA MACHARIA in Nairobi, Kenya
NAIROBI – THE demand for qualified cyber security experts outstripping availability and existing gaps in current cyber security laws are among factors Kenya’s acclaimed position as a continental leader in the adoption of technology is a curse in disguise.

East Africa’s largest economy is losing millions of dollars in revenue to cyber criminals, with the small and medium enterprises (SMEs) and the financial services sectors the most vulnerable from the rampant attacks.

According to Africa’s Cyber Security report, the cost of cyber-attacks in Kenya is approximately $210 million.

This is because with digitalisation transforming economies, more and more businesses are automating services, relying more on technologies which open them up to new vulnerabilities, Riaan Badenhorst, General Manager at Kaspersky Lab Africa, said in an interview.

Attacks on automated teller machines continue to rise with attackers looking at ways of infiltrating bank infrastructure and payment systems using sophisticated malware.

Analysts believe Kenya is the victim of its own success owing to strides made ahead of other countries with regards to digitalising its economy.

“Kenya is a growing digital economy,” Badenhorst said.

He said as internet usage grew and given the fact that cyber-criminal activity was advancing globally, with more businesses in Kenya relying on technology, connecting to more devices, as well as aspects such as Bring Your Own Device (BYOD) and the Internet of Things (IoT) for work and
social purposes, this opened up any business and individuals to the world
of security threats.

“And where there is an opportunity, there are cyber-criminals,” Badenhorst said.

The expert said the threat landscape in the second quarter of this year gave the company lots of cause for concern regarding mobile users’ security.

The overall growth in mobile malware installation packages – especially associated with banking – demonstrated cyber-criminals were constantly creating new modifications to their malicious software to make it more sophisticated and discreet for cyber-security vendors to detect, he said.

In the second quarter, Kaspersky detected and repelled about 963 million malicious attacks from online resources located in 187 countries around the world.

This is over 20 percent growth against the previous period as attempted infections by malware that aims to steal money via online access to bank accounts also grew by over 5 percent from the first quarter.

The Communications Authority of Kenya (CA) reported that it received reports of the encryption based cyber-attack in form of ransomware.

The ransomware infects window-based computers, denying the user access to the computer until a ransom is paid. Ultimately the virus tries to infect other computers within the organisation and demand a ransom from each infected computer which may lead to operation halt and force the hands of
many organisations to pay in order to resume work.

In 2017 alone, these attacks hit some 19 companies.

Apart from the shortage of information security experts in the country, Kenya’s woes are attributed to lack of awareness or investment in information security, poor information security policies in organisations and lack of support from top-level management.

There is a huge talent gap that exists with the number of qualified cyber security experts in Kenya estimated at 1 600 against the expected demand of 40 000 professionals, according to Kaspersky.

“These figures are concerning as if we consider the move towards digital transformation, and growth of cyber security threats, organised cyber-crime is no longer just a boardroom headache,” Badenhorst said.

“It’s increasingly a very personal one and companies need to look at more effective ways to manage their cyber security,” the expert advised.

However, Badenhorst noted businesses around the world are experiencing a talent shortage in their cyber security divisions.

A study by Frost and Sullivan estimates 1,5 million cyber security positions will be open and unfilled by 2020.

“As such, it is critically important that government and stakeholders raise awareness and build capacity be able to address the issue and balance the demand in the market,” Badenhorst said.

Jerome Ochieng, Information Permanent Secretary, said government was drafting a Privacy and Data Protection Bill to fight increasing cyber-crime.
– CAJ News


Leave a Reply