Cyber attacks increase tenfold on outdated security systems

Kenyan firms and individuals faced an increasingly hostile online environment as assaults by ="https://www.standardmedia.co.ke/business/financial-standard/article/2001484827/report-kenya-anticipates-rising-corporate-security-threats-in-2024">cybercriminals< surged to high levels in three months to December last year. 

A new report by the Communications Authority of Kenya (CA) shows that ="https://www.standardmedia.co.ke/branding-voice/article/2001484592/firms-on-the-alert-as-cyber-threats-spike">cyber threats< detected by the Kenya Computer Incident Response Team Coordination Centre (Ke-CIRT/CC) increased by 943 per cent.

This, CA said, was due to increased capacity locally to monitor and repel threats but also due to limited investments in cybersecurity and outdated security systems.

Despite the surge in the number of threats, firms appear lax in reporting attacks as according to CA, there was a 10 per cent drop in investigation requests.

“During the three-month period between October and December 2023, the National KE-CIRT/CC detected over 1.29 billion cyber threat events, which represented a 943.01 per cent increase from the 123 million threat events detected in the previous period (July to September 2023).

“This exponential increase is attributed to enhancement of our cyber threat monitoring capabilities and the existence of vulnerable systems due to system misconfigurations,” said CA in the cybersecurity report for the quarter to December. 

“Further, the increased exploitation of ‘system vulnerabilities’ is also aligned to global trends, and relates to the global surge in the deployment and use of Internet of Things (IoT) devices which are inherently insecure.”

Most prevalent were system misconfiguration attacks whereby hackers tried to gain access – sometimes successfully – into the systems of organisations including government entities, which stood at 1.27 billion. 

“Majority of the attacks were targeted organisations within the ICT sector. Attackers targeted database servers, operating systems and infrastructure belonging to various Internet Service Providers (ISPs) and cloud-based services,” said CA. 

“Most attackers exploited vulnerabilities in outdated operating systems and leaked user login credentials.

“The exponential growth in the exploitation of system vulnerabilities, which is a vector that has long been used by cyber threat actors, may be attributed to the proliferation of IoT devices which are inherently insecure.”

There was also an 89.6 per cent increase in the number of brute force attacks, which were largely targeted at the ICT sector and government systems.

According to CA, attackers targeted user login credentials and database servers belonging to government organisations and cloud-based services.

Most attackers exploited vulnerabilities in the remote desktop protocol and user login credentials.

Over the quarter, there was a 94 per cent increase in the number of attacks targeted at mobile applications, which targeted mobile devices such as phones and smart (android) TVs.

“The perpetrators of these attacks mainly sought to steal sensitive user data such as PII, login credentials and financial details for malicious purposes,” said CA on attacks targeting mobile devices, adding that to minimise attacks, users should disable Android Debug Bridge (ADB) on their devices, download applications from trusted sources, check application permissions and keep software up to date. 

There was a 10 per cent drop in digital investigation requests received by the Ke-CIRT.