For the better part of this week, Kenya grappled with a major cyber-attack that disabled the e-Citizen platform, which the government is championing as the key to easing delivery of services.
According to President William Ruto, over 5,000 services will be available online eliminating the need for citizens to physically visit government offices.
But if the attack by a group calling itself Anonymous Sudan, which experts say has ties with Russia, is anything to go by, we need to review the country’s cyber security preparedness rather than concentrate only on digital development.
Apart from e-Citizen, the hackers also infiltrated the digital banking system, specifically Safaricom’s M-PESA inconveniencing thousands of users who could not transact on Thursday.
We are lucky the hackers mainly relied on Distributed Denial of Service (DDOS), a tried and tested method used to flood online services with traffic in an attempt to overwhelm the system and cause it to go offline.
This means no data was stolen although they claimed to have stolen some passport details for sale.
This is not the first time key institutions have suffered such cyber-attacks. Nevertheless, we agree that no country or institution can fully protect itself from cyber-attacks but at least we should minimise them or ensure they are promptly thwarted when they emerge.
According to some experts, Kenya is probably as well prepared as any government in Africa to respond to such an attack as this week’s.
One noted in an interview with BBC that the country, which ranks 51st out of 182 countries on the UN ITU’s Cybersecurity Commitment Index, has a well-developed cyber-security and computer-security emerging response infrastructure.
But as the National Cyber Security Policy notes, aggressively supporting the technological advancements in Kenya has resulted in a more open, interconnected nation which can offer adversaries avenues for exploiting computer networks.
It adds that cyber-attacks are continuously evolving — to a great extent faster than cyber defences — resulting in an ever-increasing frequency of attacks and the probability of success over time.
For this reason, the National Cyber Command Centre and the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) need to stay at the top of their game to ensure they are always ahead of hackers.
Cyber insecurity poses a major threat to the country’s economic and social development and thus the need to protect cyberspace with the same vigilance as that of the Kenya Defence Forces.
Stay informed. Subscribe to our newsletter
The government, through the Ministry of ICT and all other stakeholders must take necessary steps to guard and protect all Kenyans and their properties from all potential cyber crimes. It is possible to be ready and always alert!