ONLINE THREATS

Experts advocate for AI powered anti-cyber attack solutions

“The best way is to fight AI with AI. If you are not investing in automation, then you are not doing enough."

In Summary

• “Working with more people to fight cyberattacks will not work; instead, one needs to now focus on automation,” said Radware VP for portfolio strategy director Avi Chesla.

• G-Tech director Mark Odhiambo said, in partnership with Radware, they usually deploy the use of AI systems when dealing with cyberattacks.

Cyber Security threat.
Image: HANDOUT

There is a need for governments and businesses to use AI powered adaptive protections to stay ahead in cases of cyberattacks, experts have said.

Radware VP Head of Portfolio Strategy Avi Chesla said attackers and defenders have today become more powerful with AI.

He was speaking during the cybersecurity crisis and escalation of the threat landscape in Africa conference in Nairobi. 

“The best way is to fight AI with AI. If you are not investing in automation, then you are not doing enough. Working with more people to fight cyberattacks will not work; instead, one needs to now focus on automation,” he said.

Chesla noted that there are accelerating risks with AI, adding that such attacks are about exploring new vulnerabilities.

Some of the risks involve the use of AI-powered tools to craft automated and highly adaptive attacks, the use of AI to identify and then weaponise zero-day vulnerabilities, and the use of AI-driven botnets to orchestrate massive DDoS (Distributed Denial of Service) attacks.

He said intelligent security, consistent protections and expert defense are needed to stay ahead.

This means using automated, real-time protections based on AI and Machine Learning (ML) algorithms that evolve as the attacks morph, employing 360-degree, consistent protection across all environments and entry points, and accessing security experts 24/7 during attacks and in peacetime.

Radware VP Head of Portfolio Strategy Avi Chesla speaking during the cybersecurity crisis and escalation of the threat landscape in Africa conference in Nairobi.
Image: MELINDA KIRWA

G-Tech director Mark Odhiambo said, in partnership with Radware, they usually deploy the use of AI systems when dealing with cyberattacks.

“AI is very effective as it uses Machine Learning (ML) which makes it easy to understand how an attack behaves. The kind of technology we use in security AI, it is not just the common AI solutions that are used to solve mathematics problems or generate content,” he said.

“Today, attackers just plug in AI codes that are very effective. The old algorithms that we used when we started out in the cyber security space are no longer effective. That kind of technology has become obsolete.”

Odhiambo added that the government and businesses need to develop and use AI powered models that can even mitigate an attack in less than a minute.  

Early this year, Kenya suffered devastating cyberattacks that crippled key government services and triggered anxiety in banks and mobile money apps.

Platforms such as eCitizen and those linking banking systems with mobile money providers experienced “challenges” as it became apparent that hackers had targeted Kenyan institutions and private businesses.

In the recent past, the National Computer and Cybercrimes Coordination Committee (NC4) had announced increased and abnormal global internet traffic targeted at several Critical Information Infrastructures (CIIs) in Kenya.

The traffic, including Distributed Denial of Service (DDoS), is aimed at disrupting essential services, particularly in the telco, banking and education sectors.

At that time, ICT and Digital Economy CS Owalo confirmed the hacking of government websites by a group of hacktivists called 'Anonymous Sudan' but assured Kenyans that no data had been compromised.

“What the hackers did is try to clog the system by making over and above ordinary levels of requests into the system to interfere with the efficiency and effectiveness of the platform,” Owalo said.

He said government technicians were able to revert the system back to normalcy by the evening of the day of the attack and ensured the hackers’ attempts were botched.

According to ODPC data, some of the common security challenges include increased exposure, threats and risks such as ransomware and DDoS attacks.

Other risks include limited resource allocation and coordination to support the cyber ecosystem where there are numerous siloed approaches, limited capabilities for real-time visibility of cyber threats, low detection and response and low cyber security capacity skills and hygiene across sectors.

Odhiambo said they are working together with the government as plans are underway to establish a scrubbing centre at the Konza data centre.

G-Tech director Mark Odhiambo speaking during an interview with The Star
Image: MELINDA KIRWA

This is a specialised security centre, which according to him, is very important during DDoS attacks.

“A scrubbing centre is a data centre where there are very many attack mitigation systems programmed to “weather the storm” in case there is a cyberattack,” Odhiambo said.

Odhiambo added that the scrubbing centre, built inside the data centre, will be the first in East and Central Africa, as they also have a similar one in South Africa.

“We had expected the launch and operations to begin this year but we are still waiting for enough traffic generation to Konza,” he said.

“The government will need this kind of technology to protect its people which will ultimately translate to more revenue.”

Odhiambo said the government does not have enough capacity in terms of infrastructure and technology to mitigate DDoS attacks, hence the need for such advanced technology.

A report by the Communications Authority (CA) shows that during the three-month period between July and September 2023, some 123,899,936 cyber threats were detected.

This was an 11.36 per cent decrease from the 139,775,123 threat events detected in the preceding quarter, between April and June 2023.

The report also indicates 5,581,354 advisories were issued between July and September 2023.

This was a 48.05 per cent decrease compared to the 10,742,859 advisories that were issued during the April to June 2023 period.
