Every day, organisations across Kenya waste valuable time and resources defending themselves against and recovering from cyber attacks. And the region has fast become a hotspot for cybercriminal activity.
In fact, recent attacks on websites locally have brought the ‘industry’ back to the fore. It’s no surprise then that in 2018 Kenya lost approximately Sh29.5 billion due to cyber attacks.
The crucial take-home from attacks that have occurred in 2019 thus is that the nature of these threats and the profile of the attackers have continued to evolve.
Furthermore, security teams have continued to struggle in keeping up, with skilled expertise to adequately deal with these threats remaining scarce. Kenya has only 1,700 skilled cyber security professionals, with 60 per cent of companies facing a shortage.
The latest edition of Microsoft's annual Security Intelligence Report (SIR) revealed key trends that emerged over the period in question. These trends make it acutely apparent that organisations in the region need to be continuously aware to keep abreast with the threats.
The first of these trends concerns a decline of ransomware attacks seen in the 2018 data. This is a great example of how the security community is pushing bad actors to adjust. We believe that attackers have shifted from this highly visible method to more stealth attacks because users have got smarter about how they respond. While there was a 73 per cent decrease globally — Kenya’s encounter rate averaged at 0.9 per cent.
While the decline in ransomware is good new, cryptocurrency mining has also become prevalent. Mining coins profitably requires an immense amount of computing power to perform complex calculations, so attackers install malware on users’ computers to “steal” the necessary computing power. The SIR report provides a great overview of how cryptocurrency works and other factors driving this trend.
Software supply chain attacks are another trend that we have been tracking for several years. A popular tactic used by attackers involves incorporating a compromised component into a legitimate application or update package, then have it distributed to the users via the software. These attacks are extremely difficult to detect as they take advantage of the trust that users have in their software vendors.
It’s probably not surprising that phishing continues to be a popular method of attack, and we expect that to continue for the foreseeable future. The good news: much like ransomware, bad actors have shifted tactics in response to the more sophisticated tools and techniques that have been deployed to protect users.
But while the SIR identified the above four key trends, organsations must also consider the following overarching and ongoing trends that look to remain prevalent going forward: Over the past decade, hundreds of organisations across Kenya have undergone digital transformation by adopting cloud technologies and mobile solutions and investing in the Internet of Things (IoT).
These new technologies have opened up astounding new organisational capabilities, and have helped secure many businesses. But criminals are also advancing and are using many of these new technologies as well.
Looking at the scale and impact of broad-based attacks in recent years like WannaCry and NotPetya, it’s evident that the threat of cyber breaches is rapidly growing. Thankfully, protection methods are evolving quickly too, and technology companies are investing heavily in the right minds and technologies to anticipate and mitigate cyber threats.
Artificial Intelligence (AI) and Machine Learning in cyber security can fill crucial gaps by analysing a vast ocean of threat data to prevent attacks before they occur. However, AI can also be a double-edged sword when it comes to cyber security, with attackers using it to exploit new complexities, interconnections and vulnerability points. To reduce the risk of these threats going forward, organisations will increasingly need to partner with the right solutions provider.
Furthermore, cloud is a security imperative that is vital in securing today’s modern workplace. With cloud services from trusted sources, security is built-in from the ground up, and updates and patches rolled out seamlessly, making cloud a key component of any threat preparedness plan for companies.
Cloud security remains important as we move towards an era of Intelligent Edge devices. With the movement of devices and services outside the firewall, there is more data, fewer boundaries, and more complexity than ever before.
As this year continues to progress, this will require custom-built security measures for these systems, like the Azure Security Center for systems running in cloud and on the edge, and additional protections like Azure Sphere’s security for MCU-hardware-enabled edge devices.
Quantum computing is focused on developing computers based on the principles of quantum theory, which attempts to explain the nature and behaviour of energy and matter on the atomic and subatomic level, also known as the quantum level.
Although quantum computing is still in its infancy, threat analysts will be keeping an eye on what advances in quantum computing would mean for security in the months and years that follow— and the answer is dire, unless we keep up. Although cryptographically relevant quantum computing may still be 10-plus years away, preparing for it would be something akin to upgrading the whole Internet.
The cyber attack and security landscape is constantly evolving. As technology professionals and consumers, we should keep abreast of the latest threats and trends and constantly innovate in this area if we are to stay one step ahead of cybercriminals —because they’re always trying to stay one step ahead of us.
Haileleul is Country Manager, Microsoft Kenya.