Kenya's cybersecurity concerns on the rise

The fastest growing threat is anonymous proxy servers, according to a new report

Cybersecurity incidents in Kenya are on the rise, owing to infrastructure growth and increased demand for connectivity in rural and urban areas, according to the most recent annual cybersecurity report from the Telecommunications Service Providers of Kenya (TESPOK).

Botnet attacks, cyberespionage, online and mobile banking fraud and anonymous proxy server attacks are some of the main threats identified by the recently published report.

The survey found that in 2013 the number of cyberattacks detected in Kenya rose by 108 percent to 5.4 million.

"The trends captured in this report are similar in many ways to global trends reported in other regions all over the world; for example, the challenges of Domain Name System (DNS) attacks and Distributed Denial of Service (DDoS) are a continuous threat globally," said Paula Kigen, associate director for the Centre for Informatics Research and Innovation (CIRI) at the United States International University in Nairobi.

Kigen, one of the report's authors, pointed out that Kenya is still grappling with malware and botnets that have been successfully put under control in other regions of the world.

The fastest growing threat is anonymous proxy servers, according to the report. A total of 290,000 attacks originating from anonymous proxy servers were detected last year, compared to 50,000 similar attacks in 2012.

The report identified malicious Kenyan IP addresses on top ISPs like Telkom Orange, Jamii Telecom, Safaricom, and Access Kenya among others. The report also said that 20 of the top ISPs in the country were used for malware hosting, bot activity, DNS and proxy attacks, but declined to name the ISPs. TESPOK draws membership from the country's ISPS.

Online and mobile banking fraud is a bit unique to Kenya, given the extensive use of mobile money services as more banks seek to provide innovative solutions.

"Out of 33 banks sampled, only 2 banks had client-side encryption implemented," the report said. "This means that for the remainder of the banks, a sniffer on a customer or end user PC network will reveal the user's password in plain text; it should also be noted that the SSL encryption used on the various bank sites are not well implemented, meaning that they can be easily circumvented in order to perform man-in-the-middle attacks."

Kenya has 13 million Internet users, according to statistics from the Communications Commission of Kenya. Most people access banking services via their mobile phones. Fraudsters have found a way to exploit individuals, banks and merchants that use mobile money as a payment option.

The report notes that there has been increased security measures at the individual and enterprise level but faults the current Computer Emergency Response Team mechanism, currently hosted by the CCK, for not leading cyber security efforts.

"Kenya needs to have a definitive incident response team and active Computer Emergency Response Team (CERT) to help the country recover in the event of a large-scale coordinated cyber-attack," the report said. "The possibilities of such an attack are high and concerns of our preparation to address such a threat are not unfounded."

The survey does not highlight reports that some terrorist attacks have been carried out after mobile networks were jammed. For example, networks were reportedly jammed on Monday during the attack by Al Shabab militants in Lamu, in the coastal area.

Join the CSO newsletter!

Error: Please check your email address.

Tags Safaricomsecurity

More about CERT AustraliaComputer Emergency Response TeamOrange

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Rebecca Wanjiku

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts