
KRA seeks cyber crime solution after Sh4bn theft


John Njiraini, KRA Commissioner-General. FILE PHOTO | NMG

The taxman has opened the search for an IT solution that will strengthen its protection against cyber-criminals, whose activities have been rising in Kenya as the country deepens its presence in the digital space.

The Kenya Revenue Authority’s (KRA) publication of an international tender for the supply of an enhanced intrusion prevention system (IPS) comes just months after hackers reportedly infiltrated the agency’s system and stole Sh4 billion.

KRA is seeking a “next generation” system that can actively monitor traffic, prevent its systems from being forcefully taken offline as well as block attempted theft of its passwords.

The tender documents say the taxman “is interested in the procurement of an upgrade of the IPS,” adding that the standalone IPS it currently runs does not meet the needs of the authority.

“(It) should be a next generation system from an internationally-recognised manufacturer. Tenders must be received by the KRA no later than June 27 (Tuesday),” the notice says. Intrusion prevention systems allow institutions to preemptively secure their networks by identifying potential threats – at the reconnaissance stage – and responding to them to minimise or eliminate any harm.

KRA is seeking a solution that will protect it against application vulnerabilities – including to its mailing servers – as well as produce reports detailing the attack’s footprint.

“KRA has an existing intrusion, detection and prevention system. The dynamic IT environment requires necessary upgrades and improvements from time to time to keep abreast with technology,” the taxman said in a response to the Business Daily’s queries.

The search for enhanced protection comes three months after Alex Mutungi Mutuku, a computer expert, was arrested and charged with hacking KRA’s systems and stealing about Sh4 billion, which he used to fund a lavish lifestyle.


The Special Crime Prevention Unit (SCPU) claimed the 28-year-old was part of a cybercrime syndicate – which included KRA staff – that stole large sums of money from the taxman, blue-chip banks, a parastatal and a supermarket chain.

Soon after the case was made public, KRA promised to enhance its “investment in ICT in addition to strengthening internal defences against cyber-crime”, which is seemingly what it is now doing.

The cybercrime syndicate that attacked the KRA was found to have been operating in Nairobi CBD, upmarket Muthaiga estate, Thika, and Roysambu.

Special crimes detectives said they had discovered a laptop hidden within the KRA network chambers, which allowed the criminals unfettered access to the taxman’s system.

The gang illegally acquired credentials of users at the National Transport and Safety Authority (NTSA) and the KRA, which they used to register motor vehicles illegally and evade payment of tax.

The Kenyan hackers were working with foreigners based in Spain, France, Moldova, and Belgium to gain access to various systems and install compromising malware into them.

“KRA has been part of a multi-agency cyber-crime investigation initiative that commenced in late 2016 and whose outcome has been the arrest of several suspects among them KRA staff in the ICT department,” KRA said on March 8.

Upgraded systems like the one KRA is looking to procure are being developed in response to the increasing number of attacks on major sites and networks across the world.