Online threats decrease as users up security measures

Delegates engaging at the 2018 Africa Cyber security conference in Nairobi on July 9,2018.Photo/Enos Teche.
Delegates engaging at the 2018 Africa Cyber security conference in Nairobi on July 9,2018.Photo/Enos Teche.

Internet users are increasingly adopting online security measures with the recorded number of cyber threats during the April-June period dropping by more than half.

Data by the Communication Authority shows about 3.46 million cyber threats were detected during the quarter under review. This is a 56.59 per cent drop from 7.97 million threats reported in the previous quarter.

“Of the total number of cyber threats detected, the National KE-CIRT/CC validated and escalated 2,613 cases during the quarter under review, these being the cases which the National KE-CIRT/CC determined to be critical and therefore requiring intervention,” CA stated in its quarterly statistical release.

Majority of the escalated cases were systems misconfigurations with 932 cases reported while there were 840 and 647 cases on malware and online abuse. Others were web application, botnet, online fraud and online impersonation.

Some of the implications of these attacks included denial of computer services and illegal access to computer systems, impersonation via social media accounts, website defacement, phishing attacks, online fraud and fake news among others.

Most individuals and businesses employ the use of antivirus, backups and device encription to shield them from cyber threats.

The antivirus solutions applied on devices and servers can detect and eliminate many direct threats. Backups can also ensure that any data lost in attack is recoverable while device encryption can secure confidential data from being obtained by attackers.

The National KE-CIRT/CC cautioned internet users against using common passwords and usernames as they were vulnerable to brute force attacks.

The three most targeted usernames were identified as root, admin and test while the top three passwords used were 123456, password and 1234.

“All these are popular default username and password combinations for a majority of products by software and hardware vendors,” the report stated.

Other vulnerable usernames were anonymous, user, oracle, ubuntu, postgree and gits while targeted passwords included admin, default, nas4free, root, test and alpine.

The Authority has also warned that various websites and mobile applications being launched in the market are fake and that individuals running them are doing so to take advantage of unsuspecting Kenyans.

“Majority of the users encounter online shopping frauds through social media platforms such as but not limited to Facebook, Instagram, WhatsApp, Telegram, and customized blog sites and websites,” CA director general Francis Wangusi told the Star.

CA reported 10.71 million cyber threats in the October-December period last year.