High speed Internet exposes Kenya to cybercrime

This creates more avenues for hackers to gain access to personal data or access funds in online accounts.

They cite the example of a local hacker, who managed to gain entry into CDSC accounts held by one stock broker and transferred stocks between accounts without either the owner or the broker realizing during the 2008 post election violence period.

More alarmingly, lack of adequate online security procedures may expose the over seven million users of mobile money transfers platforms to fraud as their accounts become more accessible to malicious programmers. This is because the SMS functionality that drives services are not encrypted.

“Organizations need to know we are in a new era of technology and information where hacking, information leaking, and business espionage are real threats,” said John Gichuki, a security analyst at Lanet Consulting.

He advises firms to urgently undertake internal and external security assessments with the aim of realizing at least 90 per cent security.
Although many companies believe they have installed secure systems, analysts blame the lack of adequate training of most web developers for the current sorry state of business security.

Mr Idd said most programmers were being trained to focus more on the design aspect of websites rather than security — securing the most obvious areas of a site but leave gaping holes elsewhere.

According to data from global security firm Symantec, there’s an average of over 245 million attempted malicious code attacks across the globe every month.

“As malicious code continues to grow at a record pace, we’re also seeing that attackers are profiting from creating customized threats that steal confidential information, particularly bank account credentials and credit card data,” said Stephen Trilling the vice president of Symantec Security.