Cyber attacks increase tenfold on outdated security systems
Business
By
Macharia Kamau
| Feb 09, 2024
Kenyan firms and individuals faced an increasingly hostile online environment as assaults by cybercriminals surged to high levels in three months to December last year.
A new report by the Communications Authority of Kenya (CA) shows that cyber threats detected by the Kenya Computer Incident Response Team Coordination Centre (Ke-CIRT/CC) increased by 943 per cent.
This, CA said, was due to increased capacity locally to monitor and repel threats but also due to limited investments in cybersecurity and outdated security systems.
Despite the surge in the number of threats, firms appear lax in reporting attacks as according to CA, there was a 10 per cent drop in investigation requests.
"During the three-month period between October and December 2023, the National KE-CIRT/CC detected over 1.29 billion cyber threat events, which represented a 943.01 per cent increase from the 123 million threat events detected in the previous period (July to September 2023).
READ MORE
Insurers caught flat-footed ahead of IRA's 24-hour cyber breach deadline
Ruto dreams of a 'new Singapore', but not when counties hold us back
Expanding access to justice through reforms
Parliament moves to end decades-long registration nightmare
Private universities under Sh 48.8 billion pending bills
Government websites hit in major cyberattack
Somali banks on Port of Mogadishu to push 24hr-economy plan
Inside Sharjah's 'Poetry Pharmacy', where healing comes in verses, not pills
"This exponential increase is attributed to enhancement of our cyber threat monitoring capabilities and the existence of vulnerable systems due to system misconfigurations," said CA in the cybersecurity report for the quarter to December.
"Further, the increased exploitation of 'system vulnerabilities' is also aligned to global trends, and relates to the global surge in the deployment and use of Internet of Things (IoT) devices which are inherently insecure."
Most prevalent were system misconfiguration attacks whereby hackers tried to gain access - sometimes successfully - into the systems of organisations including government entities, which stood at 1.27 billion.
"Majority of the attacks were targeted organisations within the ICT sector. Attackers targeted database servers, operating systems and infrastructure belonging to various Internet Service Providers (ISPs) and cloud-based services," said CA.
"Most attackers exploited vulnerabilities in outdated operating systems and leaked user login credentials.
"The exponential growth in the exploitation of system vulnerabilities, which is a vector that has long been used by cyber threat actors, may be attributed to the proliferation of IoT devices which are inherently insecure."
There was also an 89.6 per cent increase in the number of brute force attacks, which were largely targeted at the ICT sector and government systems.
According to CA, attackers targeted user login credentials and database servers belonging to government organisations and cloud-based services.
Most attackers exploited vulnerabilities in the remote desktop protocol and user login credentials.
Over the quarter, there was a 94 per cent increase in the number of attacks targeted at mobile applications, which targeted mobile devices such as phones and smart (android) TVs.
"The perpetrators of these attacks mainly sought to steal sensitive user data such as PII, login credentials and financial details for malicious purposes," said CA on attacks targeting mobile devices, adding that to minimise attacks, users should disable Android Debug Bridge (ADB) on their devices, download applications from trusted sources, check application permissions and keep software up to date.
There was a 10 per cent drop in digital investigation requests received by the Ke-CIRT.