Cybercrime still poses a great threat to the Kenyan economy. Last year alone, over 10 million hacks were recorded in the country, with social media becoming one of the primary targets- as one in every ten people got attacked by the hackers.
With the availability of more digital and internet devices such as cloud-based systems in the corporate field, individuals and companies have become an easy target to cyber-attacks.
According to recent statistics by the Communications Authority of Kenya, there is an increase in the number of cyber threats targeting Kenya’s cyber space, with over 10 million cyber events detected during the quarter as compared to 3.8 million in the previous quarter.
These grave statistics shows that cyber threats have gone up by 168 percent. This data is also backed up by checkpoint, a live cyber-attack threat map, which shows a live feed of hacks that are happening across the globe, posing a worrying trend.
Also during the same period, the regulator issued 12,197 cyber threat advisories of which the bulk was system misconfiguration (totalling 9,101). This was a 91 per cent increase compared to the previous quarter.
Attacks
The report also added that the assaults, which were executed through malware including phishing attacks and those done through exploitation of misconfigured systems, increased by 7.1 million and 901 respectively.
Within Kenya, the financial sector is the hardest hit by the attacks with research showing that in late 2018, banks accounted for 18 per cent of the attacks, while payment systems accounted for 10 per cent of the attacks.
Web application attacks including website defacement and illegal access to online applications and Denial of Service attacks which hampered the availability of computer services decreased by 327,682 and 457, 927 respectively.
“During this period under review, 12,197 cyber threat advisories were issued to the affected organizations, marking a 91 per cent increase from the advisories sent out to affected institutions in the previous quarter,” the report reads.
CAK also noted that there is an increase in the number of fake mobile applications hosted on popular online stores which deliver malware to mobile phones thereby defrauding unsuspecting users.
“There was an increase in cyber threat globally. In particular, there were rising cases of malware and sale of stolen data and credentials, which includes personal data and credit card information,” the regulator notes.
Skills Gap
With Kenya’s first growing tech market and looming cyber-crime on the horizon, the country has limited/no mechanism to protect itself from cyber-crime.
It is against that backdrop that companies and individuals are eager to hire cyber security experts to guard against those risks. The problem, however, is that there are not enough individuals who can fill those roles.
The demand for skilled security professionals is one of the biggest challenges facing the cyber security industry today. This has in turn spun into a global challenge for every industry.
Microsoft Security Intelligence Report 2018, which looked at emerging cybercrime trends over the past 12 months, estimates that Kenya only houses 1,700 skilled cyber-security professionals, with 60 percent of companies facing shortage alluding to the need for more education, exposure and adoption.
Yet with these grave insights, many institutions lack trained teachers as well as course programs in cyber security. This robs students the opportunity to learn critical skills required by security specialists.
Lack of cyber-security skillsets makes Kenyan businesses an easy target for both local and international hackers, says a report by cyber security firm Serianu, indicating further that the cost of cybercrime in Kenya in 2018 was Sh30 billion, but organisations could lose more in the coming years because it is not equipped with the necessary tools and techniques to identify and deal with the hackers.
“With the cost of cybercrime increasing every year across Kenya, this is still a challenge to the nation,” the report reads.
The damning report further says that Kenya not only has a shortage of highly technically skilled people, but also an even more desperate shortage of technicians who can design secure systems, write safe computer code, and create the ever more sophisticated tools needed to Anticipate, Detect, Respond and Contain Cyber threats.
According to the report, the demand for skilled personnel stood at 10,000 people while the total population of professionals countrywide was less than 20 per cent, at below 2,000.
The report also revealed a weak verification process that was caused by staff with inadequate technical skills, which was potential to exposing the systems to malicious hacking.
A global cyber security report from Vodafone highlights that the more cyber ready a business becomes, the better its overall business outcomes.
Vodafone’s Cyber Ready Barometer notes that 48 per cent of cyber ready businesses are reporting more than 5 per cent increases in annual revenue as well as high stakeholder trust levels.
This calls for Cyber readiness in Kenya with a mix of different measures including cyber operations, cyber strategies and resilience, an understanding of risk and employee awareness.
