CYBER SECURITY

Cyber crime justifies need for tech know-how - Microsoft

In Summary

•Last year alone, cyber attacks cost the country Sh29.5 billion, a figure that has been growing steadily over the past decade

•The National KE-CIRT/CC detected 11.2 million cyber threats over the three months to March 

Increased digitisation in Kenya calls for small businesses to adopt cloud-computing technology to boost output and protect customers from cyber threats, according to a top microsoft official.

Speaking at a forum on the state of Kenya’s cyber security landscape, country manager Sebuh Haileleul said adoption of the technology used to store and secure a firm’s data would reduce security threats and protect user information.

In its latest report,  cybersecurity firm Serianu indicates that last year , Kenya lost Sh29.5 billion through cyberattacks with financial services, government institutions, betting and fintech firms being the most targeted.

“As organisations continue to pursue a fully digitally transformed future, threats within the cyberspace will continue to become more advanced in not just the financial sector, but in many industries across the region,” Haileleul said.

He said it would be cost effective for start-ups to adopt the cloud services, which not only increase accessibility but allows, agility, speed and scalability, in turn boosting productivity.

Data by the Communications Authority released on Monday shows Internet access, mostly through mobile devices, grew between the January-March period with subscriptions reported at 46.8 million. Of these, 46.7 or 21.9 million subscriptions were on broadband.

Subsequently, the National KE-CIRT/CC detected 11.2 million cyber threats over the three months, a 10.1 per cent increase from the preceding quarter.

“In response to the cyber threats detected, the National KE-CIRT/CC issued 14,078 cyber threat advisories to the affected organizations, which is an increase from the 12,138 issued during the previous period,” the report states.

There has been increased incidents of hacking of government and corporate systems in Kenya, the most recent in May when 18 government websites were temporarily taken down by hackers.

Earlier in February, Kenya’s Directorate of Criminal Investigations issued warrants of arrest for 130 suspected hackers and fraudsters for alleged banking fraud between June last year and January.

Last year, phishing remained the most prevalent cyber threat followed by ransomware, cryptocurrency mining and software supply chains.

“This draws our attention to new avenues now being identified for attacks - otherwise very easily ignored by organisations as a recognisable ‘pathway’ for penetration,” he said.

It is estimated Kenya only has 1,700 skilled cybersecurity professionals, with 60 per cent of companies facing a shortage. This highlights a need for more education, exposure and adoption.

He lauded the government for increased efforts to engage the public in the creation of Kenya’s Data Protection Bill, which mirrors European Union’s General Data Protection Regulation (GDPR), which came into effect in May 2018.

“Where there is always an opportunity to provide transparency I think it is a good thing,” Haileleul said.