Alarm as State-backed cyber crimes continue to increase

Rising cases of cyber-attackers is becoming a major threat to businesses, organisations and governments. Now these attacks are taking a new dimension as States become the architects of some of these attacks.

“Governments have been known to commission hackers as data has become the new oil. The more data a country has about its allies or enemies the more power it has,” said ESET East Africa Channel Manager, Ken Kimani.

“Without some kind of geopolitical consensus, it’s going to get a lot tougher for cyber security experts to stop or regulate states or those criminal groups that are effectively being sheltered by the state.”

ESET, a Slovak internet security company, says State-backed cyber-attacks targeting both government entities and corporate sector in Africa and the Middle East are on the rise. The hackers, the firm notes, target government departments, critical infrastructure, military establishments and corporate companies in those regions.

Even though the cybercrime is worth trillions, the company said the attackers are not out for financial gain but leverage on the information leading to database security vulnerabilities.

In 2019, 18 Kenyan government websites were attacked by cybercriminals leaving the homepages dysfunctional.

The government websites were hacked by Indonesia hacker group called ‘Kurd Electronic Team’. However it is not clear whether it was state-driven.

Some of the major websites whose operations were affected include National Treasury operated online procurement platform- Integrated Financial Management Information Systems (IFMIS), National Development Implementation and Technical Communication (NDICT), National Youth Service (NYS), and National Environment Management Authority (Nema).

Mr Kimani said the attack campaigns are using sophisticated multi-stage approaches often described as Advanced Persistent Threats (APTs) that require “lengthy reconnaissance work and efforts to stay hidden inside networks for long periods, with the focus being on cyber-espionage or destructive attacks, designed to further geopolitical ends.”

“With many vendors on the dark web now selling exploits and malware to state actors it has become common place to hear of some governments hiring freelance hackers to help with some campaigns,” he added.

According to ESET, governments globally have always conducted offensive cyber - operations but these campaigns have grown in volume and impact.

The most famous is the Stuxnet Malware attack used by the US and Israel governments against Iranian nuclear facilities in 2010.

The global cybercrime estimated worth trillions annually and is becoming a fully functioning economy that generates GDP of many countries, packed with freelance resources, knowledge and stolen data that many governments covet.

The global industry-leading IT security provider added that cyberspace now represents a new theatre of war in which no countries have yet agreed terms of engagement.

“That has left a vacuum in which it’s deemed acceptable by certain nations to directly or indirectly sponsor economic espionage. It’s gone even further: in some cases where organized cybercrime is allowed to do its own thing as long as its efforts are focused outward at rival nations,” it added.

Cyber security attacks dropped 49.7 percent in the three months to March to 28.2 million from 56.2 million in the quarter ended December.

The National Kenya Computer Incident Response Team Coordination Center however, warned that cybercriminals have been developing powerful tools with the increase in uptake of technology.