Kenyan business and institutions are on tenterhooks as global hacktivist group Anonymous* sent warning salvos to the country’s government to allow its citizens to protest freely against the #RejectFinanceBill2024. The bill proposed by the Kenyan Government in the 2024/25 tax year is planned to raise $2.7 billion in additional taxes to reduce the budget deficit and state borrowing. This has met with nationwide citizen protests.
The threat is a stark reminder of the massive Distributed Denial of Service (DDoS) attack on Kenya’s government websites launched in August 2023. These attacks, attributed to Anonymous Sudan, were executed under the pretext of defending citizens’ rights.
Last year’s attack targeted the country’s eCitizen portal, which provides access to over 5,000 government services, and disrupted critical online services, highlighting vulnerabilities in the nation’s cybersecurity infrastructure.
“Anonymous Sudan has a history of targeting government websites and technology firms in various countries, including Sweden, Israel, and now Kenya. The group’s latest threats to the Kenyan government underscore the urgent need for enhanced cybersecurity measures across the region,” says John Paul Onyango, Country Manager: East Africa of Check Point Software Technologies Ltd.
While the 2023 attacks have galvanised Kenyan businesses and Government institutions to revisit their cybersecurity defences and implement broad citizen awareness programmes of cyber-attacks and how to mitigate them, Onyango argues that closer attention needs to be paid to end-to-end cybersecurity practices.
According to recent threat intelligence reports from Check Point, organisations in Kenya are attacked on average 3,517 times per week, significantly higher than the African average of 2,462 attacks per organisation. Kenya was ranked in the top 20 most attacked countries globally during May 2024 in Check Point’s Top Malware threat report.
The leading malware threats in Kenya in the last month include FakeUpdates, Botnets, and various backdoors like Expiro and Floxif. Notably, 97% of malicious files in Kenya were delivered via email in the last 30 days. The most common vulnerability exploit type in Kenya is Information Disclosure, impacting 81% of organisations.
According to a recent article in Innovation Village, in light of cyber attacks in the last year, Kenya is poised to receive assistance in bolstering its cybersecurity defenses, thanks to pledges from major technology corporations. In May 2024, industry leaders such as Google and Microsoft announced their intentions to make significant digital investments in Kenya. These investments are not limited to financial contributions but also include collaborative efforts to enhance the country’s cybersecurity infrastructure.
The commitments from these tech giants are expected to provide a substantial boost to Kenya’s capabilities in defending against cyber threats. The support will likely encompass a range of cybersecurity measures, from advanced threat detection to improved security protocols, and may also involve training for Kenyan personnel to better manage and respond to cyber incidents.
Fintech vulnerabilities
While Kenya’s fintech sector is a driving force in the country’s economic transformation it faces growing challenges in securing its data centres and trading platforms, as well as migrating securely to the cloud. Solutions to address these problems should include ultra-scalable protection and compliance.
The prevalent mobile-first culture in Kenya has also led to the rapid development of income-generating applications. However, this focus on speed-to-market often comes at the expense of robust cybersecurity measures.
“As banking applications and APIs continue to grow and evolve, so does the attack surface for cybercriminals. The automated detecting and preventing attacks on web applications and APIs is critical for protection,” Onyango says
With the rise of remote work, securing all devices and connections is more crucial than ever. The protection of SD-WAN connectivity for branches is essential in mitigating risks associated with connecting directly to the cloud. IoT devices are a growing target for cyberattacks, and banks must be equipped to protect their networks too.
Proactive Measures and Strategies
- Enhanced Email Security: Given that 97% of malicious files are delivered via email, robust email security solutions are critical.
- Advanced Threat Detection: Implementing AI-driven threat detection systems to identify and mitigate potential threats proactively.
- Security Awareness Programs: Regular training for employees to recognise and respond to cyber threats effectively.
- Collaboration and Cyber Academies: Partnerships with universities and the launch of cyber academies, such as the Check Point SecureAcademy, are essential in creating a pipeline of skilled cybersecurity professionals.
Onyango concludes, “As Kenya and the broader African region continue to develop their digital infrastructure, the cybersecurity challenges posed by groups like Anonymous Sudan cannot be ignored.
“By investing in advanced security technologies, fostering a culture of security awareness, and adhering to regulatory compliance, organisations can better safeguard their data and maintain operational resilience amidst the evolving threat landscape,” he concludes.
See: A Look into Kenya’s Cyber Security Landscape with Check Point
