CYBER THREATS

Kenya's cyber attacks hit 35.2 million during Covid peak

Increase attributed to working remotely and increased uptake of e-commerce.

In Summary

• The National KE-CIRT/CC detected 35.2 million cyber threat events between July to September 2020, new data shows.

• The data detected an increase in malware and web application attacks.

The National KE-CIRT/CC detected 35.2 million cyber threat events between July to September 2020, new data shows.
The National KE-CIRT/CC detected 35.2 million cyber threat events between July to September 2020, new data shows.
Image: COURTESY

The Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) detected 35.2 million cyber threat events between July and September 2020, new data shows.

According to data from the Communications Authority of Kenya, this represented a 152.9 per cent increase from the 13.9 million threat events detected in the previous quarter.

The increase in cyber threat attacks detected was attributed to the move to working remotely and increased uptake of e-commerce in response to the Covid-19 pandemic.

The data detected an increase in malware and web application attacks.

This increased vulnerability of organizations and businesses to cybercriminals who targeted remote working systems and tools, and e-commerce sites for fraudulent gains.

Out of the 35.2 million cyber threats, 31,842,635 were malware compared to 12,508,275 recorded between April to June 2020. This represents a 154.6 per cent increase.

1,245,451 were DD0S/Botnet compared to only 267,931 recorded in the previous quarter - a 364.8 per cent.

A DDoS (distributed denial of service) attack is a malicious attempt to make a server or a network resource unavailable to users.

It is achieved by saturating a service, which results in its temporary suspension or interruption.

Occasionally referred to as a “zombie army,” a botnet is a group of hijacked Internet-connected devices, each injected with malware used to control it from a remote location without the knowledge of the device’s rightful owner. 

Web application attacks increased by 86.6 per cent to 2,057,369 from 1,102,840 the previous quarter.

System vulnerabilities however reduced by 5.1 per cent to 28,482 from 30,023 between April and June. 

During this period, there was also an increase in online abuse and online fraud cases reported to the National KE-CIRT/CC.

National KE-CIRT/CC also received 354 requests from investigative agencies.

This was a 36.15 per cent increase in requests received as compared to 260 in the previous period of April and June 2020.

During this period, there was an increase in child online abuse, online abuse and online fraud.

Of these requests, 1.7 per cent related to child online abuse, 36.2 per cent being attributed to online abuse and 27.4 per cent being linked to online fraud.

According to global cybersecurity firm–Kaspersky, Kenya is among African countries facing a possible increase in cybercrime in 2021, amid economic uncertainty occasioned by the Covid-19 pandemic.

While the increase in these crimes will vary by country, African nations must prepare themselves for the inevitability of increases in malware that already topped 28 million by August last year, according to Kaspersky research.

“Thanks to the increased connectedness of people, the rise in unemployment will not only see a spike in traditional crime, but this will also extend to the digital environment – something we are already seeing,” Lehan van den Heever, Enterprise Cyber Security Advisor for Kaspersky in Africa, said earlier this week.

Kaspersky security solutions in September reported 28 million malware attacks in 2020 and 102 million detections of potentially unwanted programs (pornware, adware among others), where South Africa, Kenya and Nigeria were the most affected.


More: