Finance, betting and leisure most targeted by cyber criminals

The rate of fraud attempts in financial services sector in Kenya has increased by 309 percent in the past three years.

This has been followed by gaming, where the rate of attempts emanating from Kenya have increased by 102 percent, and travel and leisure by 37 percent.

This is according to insights from the TransUnion 2023 State of Omnichannel Fraud Report.

However, some industries, such as video gaming, retail, and telecommunications, saw a significant drop year-on-year, indicating that cyber criminals have turned their attention elsewhere.

TransUnion Kenya chief executive officer Morris Maina, says this may be testament to the increasing levels of control that providers are putting in place to help stop fraud and raise awareness of scams, although many people still fall victim to these schemes.

“We’re seeing a persistently high number of digital fraud attempts, with suspected digital fraud attempts originating from Kenya increasing most notably in the financial services sector, where the rate of attempts has increased by 309 percent since 2019. This reflects the overall accelerated adoption of digital technologies and rising online transactions as a result,” said Maina.

TransUnion monitors digital fraud attempts reported by businesses in varied industries such as gaming, financial services, healthcare, insurance, retail, travel and leisure among others.

The CEO says that rates of digital fraud attempts by sector tend to change rapidly, as fraudsters innovatively shift focus to where there are new opportunities to make financial gain.

warning that the cyber criminals will be agile in targeting consumers and organisations as Kenya navigates this recent period of economic uncertainty.

“Kenyan businesses need to take proactive steps to protect themselves and their customers. This means ensuring that identity proofing and authentication is up-to-date and as robust as possible”  the report reads in part.

A similar report titled State of Ransomware 2023 report, by Sophos a global firm dealing in cybersecurity, has found that in 76 percent of ransomware attacks against surveyed organizations, adversaries succeeded in encrypting data.

This has forced large business organisations to part with an average of $750, 000 (Sh103 million) to recover their data from malicious hackers.

This coming in the wake of an increase in cybersecurity threats especially the ransomware attacks.

With local insurance industry players lacking the capacity to price and offer indemnity covers for cyber insurance, this risks leaving the businesses that have expanded their digital footprints by providing services online exposed to huge costs in cases of hacking.

The survey also shows that when organizations paid a ransom to get their data decrypted, they ended up additionally doubling their recovery costs [$750,000 in recovery costs versus $375,000 for organizations that used backups to get data back]

“Paying the ransom usually meant longer recovery times, with 45 percent of those organizations that used backups recovering within a week, compared to 39 percent of those that paid the ransom.,” the report reads in part.

Overall, 66 percent of the organizations surveyed were attacked by ransomware—the same percentage as the 2021.

This suggests that the rate of ransomware attacks has remained steady, despite any perceived reduction in attacks.

Sophos field Chief Technology Officer Chester Wisniewski said incident costs rise significantly when ransoms are paid.

“Rates of encryption have returned to very high levels after a temporary dip during the pandemic, which is certainly concerning. Ransomware crews have been refining their methodologies of attack and accelerating their attacks to reduce the time for defenders to disrupt their schemes," said Wisniewski