A report by Communication Authority Of Kenya (CA) on sector statistics shows that there were a total 7.9 million cyber threats detected by the National Computer Incident Response Team (KE-CIRT/CC) between January and March. This denoted a 25.5 percent decrease given the 10.7 million cyber threats detected during September-December 2017 period.
During the quarter, the cyber threats detected varied from denial of service (DOS) including
botnet and brute-force attacks that led to denial of computer services and illegal access to
computer systems; online impersonation via social media accounts and domain names; web application attacks including website defacement; malware including phishing attacks; online abuse including online fraud, hate speech, incitement to violence and fake news; and systems misconfiguration, among others.
Online Fraud was the biggest at 50 per cent followed at a distance by malware attacks and system misconfiguration, both at 22 per cent.
“During the period under review, the highest number of cyber threats targeted file sharing, web service and Voice over IP (VoIP) applications,” notes the report.
During the quarter under review, the National KE-CIRT/CC identified ten usernames and passwords mostly used in brute force attacks.
The top-3 usernames were root, user and usuario while the top-3 passwords used were admin, 1234 and password.
The table below shows the top-10 usernames and passwords used in brute force attacks.
In 2017, it was reported that financial institutions in Kenya lost a staggering Ksh30 billion to cybercriminals who hacked their systems between 2015 and 2016. Records obtained by detectives showed the institutions lost Ksh17 billion in 2016 and Ksh14 billion in 2015.
This year, there have been escalated cases of cyber threats, whereby fraudsters target mobile money users.A part from individuals, institutions targeted include Kenya Revenue Authority (KRA), National Transport and Safety Authority (NTSA), Saccos and the Independent Electoral and Boundaries Commission (IEBC).Criminals hack the systems of the institutions and steal data and money undetected.
Detectives have blamed the trend on technological advancement, which has made Kenya a soft target by cyber criminals.
In 2016 alone KRA, NTSA, DTB Bank, Family Bank, Equity Bank, Police Sacco, Stima Sacco, Kenya Power were attacked by hackers, according to a police report.
Do you have a story you want told? Do you know of a sensitive story you would like us to get our hands on? Email your news TIPS to firstname.lastname@example.org