How Kenya emerged as leading cybercrime hotspot in Africa

Loading Article...

For the best experience, please enable JavaScript in your browser settings.

Concept of a hacker using a laptop. [Getty Images]

Earlier this week global investigative agency Interpol revealed that 24 people had been arrested in Kenya as part of an operation spanning 19 African countries and involving more than 1000 suspects.

The suspects arrested in Kenya were implicated in an online credit card fraud linked to losses of Sh1.1 billion. Much of the details of the suspects arrested in Kenya remain unknown, as are the timeline of the crimes and the victims affected.  

The report by Interpol has once again shed light on Kenya’s growing profile as both a source and transit point for high-stakes cyber security operations that rob victims of hundreds of millions of shillings each year locally and internationally.   

   

“The funds, stolen through fraudulent scripts run after altering the banking system’s security protocol, were promptly redistributed by the group via SWIFT to companies in the United Arab Emirates, Nigeria and China and subsequently, to digital asset institutions offering trading and financial services regulated in multiple jurisdictions,” explains the report by Interpol.  

The findings of the years’ long investigations by Interpol have underlined the concern that Kenya is fast emerging as a leading cybercrime hotspot on the African continent.  

According to the Organised Crime Index produced in partnership with Interpol’s Institute for Security Studies, Kenya ranked top in Africa last year in cyber-dependent crimes, ahead of Nigeria and South Africa. The index found that Kenya ranked highly in criminality, criminal markets and cybercrime actors.  

ALSO READ: 24 Kenyans arrested as Interpol cracks down on cybercrimes in Africa

According to the National Crime Research Centre, the leading types of crimes reported in the country last year were computer fraud (72.9 per cent), identity theft and impersonation (71.5 per cent), and interception of electronic messages or money transfers (57.3 per cent). 

The data was drawn from a study that sampled regulators associated with the criminal justice system and ICT sectors as well as several state agencies, mobile network operators and financial institutions. 

“These crimes have significant consequences, leading to financial loss, psychological distress, reputational damage, and even loss of life in extreme cases,” explains the NCRC. 

According to the study, one in two cybercrime offenders were classified as youth, with 44 per cent and 23 per cent of respondents citing ICT experts and prisoners/inmates as offenders respectively.  

Victims on the other hand were predominantly found to be the elderly those uninformed as well as major business players with the financial services sector emerging the most affected. 

“Crimes such as online banking fraud, credit card scams, and phishing attacks are prevalent, highlighting the necessity for robust cybersecurity measures in these sectors,” explained the NCRC. 

While the greater part of attacks are believed to be targeted at large corporations considered to have deep pockets to part with ransom payments, medium-sized organizations are also emerging as a fertile hunting ground for perpetrators.  

The situation has been worsened by significant challenges including lack of resources, corruption among investigative bodies and a shortage of specialized ICT skills and knowledge.  

ALSO READ: Victims of cybercrime share their experiences of mental anguish

For instance, Kenya has a dearth of certified cybersecurity experts which affects both the public and private sectors that seek to hire personnel for the crucial role. 

It also does not help that there is inadequate research conducted on the evolving risk and impact of cybercrime on the country’s economy with the most recent assessment of the cost of cybercrime to the Kenyan economy conducted in 2018.  

This was before Covid-19 accelerated the pace of digitisation of services and transactions and almost half a decade before ChatGPT went live. 

In the 2018 survey, cybersecurity firm Serianu found that Kenya loses approximately Sh33 billion annually to cybercrime, an amount believed to be much lower in reality.