80 pc of Kenyan websites vulnerable to cyber attacks, says report
More than 80 per cent of Kenyan websites can be easily hacked since they operate on software whose security codes are available online for free, says an industry cyber report. File
More than 80 per cent of Kenyan websites can be easily hacked since they operate on software whose security codes are available online for free, says an industry cyber report.
The report by Serianu — an IT security consulting firm — found that more than 80 per cent of local website are either built on open source software such as- Joomla, Apache and MySQL and their security settings not customised.
(Read: Kenyan firms, state agencies face increased cyber threats) Unlike other proprietary software such as Microsoft or IBM programs whose codes are only available to the vendor and the client, open source software source code is available to the general public for use and/or modification from its original design free of charge.
William Makatiani, the managing director at Serianu Ltd said that the weak internal and external IT security system has highly exposed local businesses and government to hackers.
“Government websites and banking institutions remain the most vulnerable targets, most of their website are developed externally but they rarely do a check on their security settings or update them” said Mr Makatiani.
Credit card data
“During our research, we came across a credit card shop that was selling credit card data issued by banks located in Kenya.”
The study which was done between the months of January and April lists bank account, credit and debit card details as the most looked for data by cyber criminals.
It also notes that most firms do not update their software in tandem with those of software vendors such as Microsoft and Oracle.
This provides an opportunity for cyber criminals to send software that has the ability to squat in computers and steal vital information such as business strategies or business plans especially from banks, insurance and telecommunication firms.
“Increasingly, these organisations are becoming primary targets of insider and outsider attacks with cyber criminals targeting businesses to gain access to intellectual property in form of software and business secrets stored in files and databases that are inadvertently leaked”
The study findings show how Kenyans organisations are vulnerable to cyber-theft or computer-related fraud with most financial institute and consumers adopting online banking.
In Kenya online fraud has been growing steadily and commercial banks are estimated to lose Sh3 billion to smart thieves every year.
Last year, Deloitte East Africa released a report indicating that the majority of East African firms are not compliant with international standards for electronic payments exposing them to high levels of ATM-related robberies and fraud cases.
Another survey by PricewaterCoopers (PwC) Global Economic crime survey found that countries such as Kenya, South Africa and UK had recorded a 40 per cent increase in fraud cases in 2011 threatening the drive towards a cashless economy.
Latest Central Bank of Kenya (CBK) data shows that the value of plastic card transactions in Kenya jumped 40 per cent to Sh214 billion in the first three months of 2012, despite rising insecurity and fraud cases.
The CBK data indicates that the number of cards in circulation rose to 9.6 million in March 2012 up from 8.2 million in March 2011, benefiting from a growing middle class in the country that is increasingly using plastic money in place of cash. Debit cards were the most popular among consumers accounting for about 82 per cent of transacted values.
PAYE Tax Calculator
Note: The results are not exact but very close to the actual.
