University of Nairobi's cyber-attack contained, says CA

NAIROBI: A cyber-attack on the University of Nairobi's social media sites has been contained.

The attacker demanded a ransom of Sh700,000 with threats of worse consequences if the institution did not yield to his demands.

In a statement, Communications Authority of Kenya Director General Francis Wangusi said the authority's National Cyber-security Centre had taken over the case.

"We are making efforts to ensure full restoration of any affected systems and resumption of normal operations," he said.

On July 11 at 4pm, the university's blog site was defaced by hackers who were demanding a Sh700,000 ransom.

One of UoN's twitter accounts was used to share blog sites, usernames and passwords, which led to the accounts being suspended.

According to a post on UoN's twitter account, the hacker had given the institution 24 hours to yield to the stipulated demands or face even worse consequences.

"...Today is check out or a really bad day for your systems, or whichever you guys will prefer," it read.

It added: "You just have about 24 hours before it is out of everybody's hands. Pay ten bitcoins to the below address."

According to foreign exchange, one bitcoin is worth about Sh70,000.

Locally, bitcoins are not a legal currency as the Central Bank of Kenya outlawed their use in a notice dated December 25, 2015.

"Virtual currencies are majorly traded in unregulated platforms globally. Consumers may therefore lose their money without having any legal redress in the event these exchanges collapse or close business," the notice partly read.

By virtue of being illegal and mostly transacted digitally, the bitcoins cannot be easily traced which makes them a good avenue for cyber hackers to terrorise individuals or institutions.