Kenya worst hit in East Africa by cyber crime

NAIROBI, KENYA: Banks have become the leading target of cybercrime as people increasingly adopt the use of financial technology. According to Serianu’s Cybersecurity Report 2016, African countries lost at least $2 billion in cyberattacks in 2016.

Speaking during the Connected Summit 2017, Cisco Regional General Manager, David Bunei said the increasing use of cyberspace and digital applications posed its own challenges, which are however, outweighed by the opportunities. He encouraged CEOs to make cybersecurity a business priority.

In East Africa, Kenya recorded the highest losses — $171 million — to cyber criminals. Tanzania lost $85 million while Ugandan companies lost $35 million. Over one-third of organisations that experienced a breach in 2016 reported substantial customer, opportunity and revenue loss of more than 20 percent, this according to Cisco 2017 Annual Cybersecurity Report.

Mr Robert Mugo, the Ag. Chief Executive Officer of ICT Authority said the government was committed to developing comprehensive and offensive cyber-capabilities to protect citizens in the cyber space against threats and attacks. “We will achieve this goal through enhancing ICT security competencies and bolstering international collaboration,” said Mr. Mugo.

Chief Security Officers cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Leaders also reveal that their security departments are increasingly complex environments with 65 percent of organisations using from six to more than 50 security products, increasing the potential for security effectiveness gaps.

Kenyan bank accounts are more prone than ever to cybercrime owing to the growing use and adoption at risk. This statement has been evidenced by statistics present in the recent Kenya Cybersecurity Report 2016, published by Serianu Limited and which asserts that Kenya lost about $175million last year.

In 2016, we witnessed more advanced attacks in banks mostly perpetrated by insiders, raising the concern that the banking sector is unprepared to deal with insider threats. According to the Serianu Report, other sectors that have attracted criminals are the government, telecommunications, mobile money services, Saccos, microfinance and co-operatives, e-commerce and online markets

Moreover, the Report managed to establish that cybercriminals are deliberately targeting the Kenyan digital economy with the intention of wreaking havoc and making away with millions. “Essentially, in terms of cyber resilience, the Kenyan digital economy can be likened to a slow, plump gazelle stumbling through the “cyber-savannah” in the full view of agile, informed and hungry cyber-predators keen to sink their teeth into their sumptuous prize,” said Teddy Njoroge, the ESET East Africa Country manager.

He observed that with more than 75.3% of Kenyan citizens formally included in financial services through financial technology, one would logically expect a correspondent increase in cybersecurity investments in the financial services sector. Regrettably this is the opposite in the case of Kenyan banks.

The Kenya Cybersecurity Report 2016, highlights that about 44 percent of financial institutions run on a paltry cybersecurity budget of $1-1,000 annually, whilst about 33 percent of financial institutions in Kenya have $0 spend on all matters cybersecurity.

“Effective infrastructural cybersecurity measures come at a budgetary cost which must be respected by C-Suite executives if we are to tame the constantly evolving threat landscape. Hackers collectively invest in their own expertise and tools to hack siloed and non-forward looking institutions who continue to ignore this phenomenon,” said Mr Njoroge.