Cybersecurity report identifies banks, VOIP as top targets in Kenya

Voice Over Internet Protocol is the biggest security threat facing enterprises in Kenya. William Makatiani, Director - Serianu Limited, says that from analysis of threats on traffic passing through the Kenya Internet Exchange Point (KIXP), firms were losing a lot of money through illegal use of VOIP. He was presenting at the launch of the first quarterly security report by the Telecommunications Service Providers Association of Kenya (TESPOK) held last week Thursday. 

File sharing applications were listed second in terms of targeted enterprise applications, followed by email, Cacti, Cpanel, Adobe PDF, Software activation applications and Joomla and Wordpress.

Interestingly, Makatiani says that Serianu is now seeing threats that are coming from the country and seem targeted at certain applications or firms. An unidentified server in the country has been sending baited PDF documents, which exploit out of date PDF software to install backdoors on users' computers when opened.

SSH attacks are also quite common with attacks being noticed every single day. 90 percent of such attacks can be eradicated through use of VPN and two factor authentication, which can now be deployed as a cloud based service.

Most people and firms ignore notifications to update their software, thus leaving them exposed to malware through unpatched software. Makatiani also notes that many organisations look at security as more of an expense than a necessity.

Some factors through, remain difficult to control, such as employees, who are notably among the top source of cyber attacks.

Also observed was suspiciously heavy remote access traffic targeted at IP addresses belonging to banks and insurance companies. The heavy traffic starts at midnight and ends at 6 AM. Makatiani explains that though some traffic is made to look like it was coming from foreign countries, the pattern indicated the source was within the country.

Fiona Asonga, TESPOK CEO, said that reports on the security status of various ISPs in the country has been available for some time at KIXP. It was however noted that most of the ISPs were either not aware of the report, or were not implementing its recommendations. The report lists types of threats, targeted addresses and source address in the operators' network.

Serianu has seconded security experts to KIXP, which is owned and operated by TESPOK. The experts are part of an industry cybersecurity incident response team (ICSIRT) that helps in detection and mitigation of threats in the private sector.

Speaking at the launch of the report, Communications Commission of Kenya Director General, Francis Wangusi, said that a number of banks and financial institutions in the country had been hard hit by cyber criminals, losing billions, and were "suffering in silence." Such firms would stand to benefit from the ICSIRT that can help in detection and stopping such threats.

TESPOK also launched an initiative to educate the public on cyber security, dubbed cyber usalama. The initaitive will be through a website that Fiona describes as done in easy to understand language.

Join the CSO newsletter!

Error: Please check your email address.

Tags security

More about Adobe SystemsSSH

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Dennis Mbuvi

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts