The downtime being experienced on the eCitizen portal has been caused by hackers attempting to jam the portal through an overload of data requests, ICT Cabinet Secretary Eliud Owalo has revealed.
Speaking during a morning show with a local radio station on Thursday morning, the CS said that no personal data had been accessed or lost and that every effort was being made to restore normalcy.
The kind of hacking experienced on the eCitizen portal is known as a Distributed denial-of-service (DDoS) attack, which disrupts a network, server or website by flooding it with meaningless internet traffic to prevent legitimate users from accessing services.
The CS revealed that the attack had been carried out by a group that identified itself as Anonymous Sudan.
“There was a cyber-attack on the eCitizen platform but no data was accessed or lost. We are addressing that, and we are not just coming up with instant remedial measures to address the current situation but are also ensuring that we build an elaborate risk mitigation framework,” said the CS.
“In this instance, they tried jamming the system by making more requests into the system than ordinary, which led to the slowing down of the system.”
On Thursday, Kenyans took to social media to highlight the difficulties being experienced to log into the portal, which was recently relaunched as a one-stop shop for about 5,000 government services.
“Imagine eCitizen being hacked! It has all the information on all Kenyans who have ever used it and all government departments! Worse is if NTSA was accessed because all information of anyone who has a driving licence, at least 28 million people, is in the wrong hands now!” posted a Twitter user only identified as Juma G.
A Business Daily spot check showed that the system was still experiencing a downtime minutes to midday.
“The server encountered an unexpected error,” read a screen notification after several login attempts.