Why spyware attacks are increasing in Kenya


Spyware attacks targeting organisations in Kenya have increased by 12.9 percent in the first quarter of 2023. PHOTO | SHUTTERSTOCK

Kenya is reeling from the latest cyber-attack that shook a crucial platform that the government is counting on to drive digitisation of its services.

The July 27 attack on the eCitizen platform has revived debate on how secure the digital platforms running most institutions are in the face of a growing global cybersecurity threat.

The eCitizen portal provides more than 5,000 government services including e-visas, and the attack made several of them inaccessible, inconveniencing individuals and businesses and denying the government revenue.

It followed another attack on Naivas supermarket a few months ago where the giant retailer’s data was accessed by cybercriminals.

According to a recent report by Kaspersky, a global cybersecurity and digital privacy company, spyware attacks targeting organisations in Kenya have increased by 12.9 percent in the first quarter of 2023.

This surge, Kaspersky says, calls for attention and proactive measures to safeguard the digital infrastructure.

Cybercriminals are now sending malicious software to gather data from devices and later send it to third parties.

Fredrick Wahome, CEO of Secunets Technologies and also the Vice Chair of Kenya Cybersecurity & Forensics Association (KCSFA), says that the sharp increase in spyware attacks can be attributed to the emergence of State-sponsored cyber espionage.

“While it may seem like something out of a spy thriller, State-sponsored cyber espionage has become a harsh reality. Sophisticated threat actors, backed by well-resourced entities, are targeting Kenyan organisations to gain access to classified information, intellectual property, and strategic data. The rise in attacks can be attributed, in part, to the clandestine activities of these State-sponsored actors,” notes Mr Wahome.

On the other hand, Peter French, General Manager - MEA and amp; South Asia, Acronis, says it is high time companies take proactive measures to safeguard their invaluable digital assets.

“There are still problems such as overreliance on the government sector for cybersecurity expertise and decision-making, limited resources, lack of awareness, inadequate policies and regulations. All these put companies at risk,” points out Mr French.

Dmitry Galov, Head of the Kaspersky Global Research and Analysis Team on the other hand says that “Installing effective security solutions will likely draw attackers away from an organisation.

It is a necessary investment. This is because cybercriminals may make a company lose information permanently, cause business disruption, loss of time, harm to reputation, and huge financial losses.”

Other factors are:

Underground cybercrime economy

Unbeknown to many, there exists a thriving underground economy fueled by cybercrime. Cybercriminal syndicates with extensive networks and resources are actively operating in Kenya.

These organised groups specialise in developing and distributing spyware tools, enabling them to infiltrate organisations, compromise sensitive data, and engage in nefarious activities such as ransomware attacks and intellectual property theft.

Exploitation of lax cybersecurity measures in critical sectors

Critical sectors such as finance, healthcare, energy, and government are facing an onslaught of spyware attacks.

Cybercriminals are exploiting the inadequate cybersecurity practices prevalent in these sectors, capitalising on weak network defences, outdated software, and limited investment in robust security measures.

The consequences of such breaches in these sectors can have far-reaching implications on national security and public welfare.

Insider threats and corporate espionage

Companies are increasingly waking up to the reality of insider involvement in perpetrating spyware attacks. Disgruntled employees, motivated by financial gain, or recruited by external actors pose a significant threat to organisations.

These individuals exploit their privileged access to compromise systems, leak sensitive information, or facilitate the deployment of spyware, resulting in severe damage to organisational integrity and trust. Addressing this kind of threat necessitates bold and comprehensive actions.

PAYE Tax Calculator

Note: The results are not exact but very close to the actual.