Why cyberattacks have become Kenya’s big headache
Over the past two years, three major cyberattacks have adversely impacted normal government functioning, disrupted the status quo, and left State cybersecurity organs and professionals with egg on their faces.
Cybercriminals have grown in number and sophistication, and as attacks on governments increase across the globe, they have become increasingly successful in targeting the Kenyan government.
Here’s a breakdown of what the hacking involves and how the top three attacks injured the State.
A cyberattack is a deliberate attempt by hackers or malicious actors to damage, disrupt, steal, or gain unauthorised access to computer systems, networks, or data. Cyberattacks can target individuals, businesses, governments, and even critical infrastructure like banks and power grids.
They occur in various ways depending on the intent and manner of the attack. Phishing involves tricking a user into clicking on a link that then enables an attacker to gain access to privileged data or information.
Malware attacks involve remotely installing malicious software on the target’s computer that allows the attacker to gain control of their files, which they can hold for ransom, or use to spy on the target.
The third type is a Denial of Service (DoS) or a Distributed Denial of Service (DDoS) attack, which involves flooding the target’s website or network with excessive traffic, causing it to crash.
These three are the most common and the ones that have affected the Kenyan government, although there are other types.
Below are the top attacks that adversely affected the Kenyan government.
BRS data breach – January 2025
The most recent of these attacks is the data leak from the Business Registration Services (BRS), which left sensitive details of over 2 million firms registered in Kenya between 1967 and 2024 in the hands of hackers.
While the BRS is yet to publicly state the cause of the breach, the Business Daily has established that it resulted from a bug in its IT systems, which was exploited by Moldovan firm B2bhint to freely access the data, which would have cost a fortune to purchase from the State agency.
However, cybersecurity experts say it could also have happened with the help of an insider, or through spyware or a phishing link that enabled unauthorised access to privileged information.
This leak rattled not just the BRS, which is the legal custodian of the information, but also top brass in the current and former governments, whose details were disclosed by the leaks.
These include President William Ruto, whose family members, including wife Rachel Ruto, daughter Charlene Ruto, and son George Ruto, were disclosed to have huge shareholdings and directorship positions in multiple companies, most of which were registered after taking office.
Kenya Airways Data Breach – December 2023
Just over a year before the latest attack on BRS, the country’s flag carrier Kenya Airways suffered a major data breach that left over 2 gigabytes of privileged data in the wrong hands.
The attack was identified as a ransomware attack, orchestrated by a dark web organisation known as RansomExx, which hacked KQ’s systems, stole their data and demanded payment for it, which the carrier didn’t pay.
After the carrier declined to pay the demanded ransom, the attackers posted sensitive data on the dark web, including the travel documents, travel itineraries, and destinations of top current and former government officials, exposing secret information the State would rather have kept hidden.
The Office of the Data Protection Commissioner launched investigations into the leaks, but to this day it has never published its findings, nor has the carrier been fined or held liable following the breach.
E-Citizen DoS attack – July 2023
For several hours on July 28, 2023, thousands of government services available on E-Citizen were inaccessible following a denial-of-service attack that brought down the platform.
A mysterious Sudanese hacker group known as Anonymous Sudan claimed responsibility for the attack, saying it was meant as a message to the government to stop its meddling in the Sudan war.
The attack, which came just a few months after civil war broke out in Sudan, is said to have been in protest of Kenya’s President William Ruto’s appointment by the regional bloc Inter-Governmental Agency on Development (Igad) to mediate between the warring parties.
Dr Ruto was rejected by the Sudanese junta leader, who claimed he was an ally of the rebel group leader, and opted for South Sudan’s leader Salva Kiir to mediate instead.
The attack came amidst the government’s increased efforts to move more services online, and just a few weeks after the relaunch of the E-Citizen platform, dealing a blow to the State’s digitisation efforts.