Rising cyber-attacks leave firms with huge losses

BY LILLIAN KIARIE

Cyber-attacks and security threats to businesses have risen sharply in the recent past, resulting in huge financial losses to firms in Kenya.

A report released by the Telecommunications Service Provider of Kenya (TESPOK) yesterday indicated that most businesses were suffering from recurrent disruptions.

Others were not meeting the mandatory regulatory compliance due to insecure business networks. This arises from inadequate knowledge about ICT. Speaking at the launch of the Industry Computer Security Report, TESPOK Chairman, Tom Omariba said most losses are incurred in business due to low-level knowledge in cyber security. “Cyber security awareness amongst the general public is rather low. We would like to sensitise the end users on what precautions to take when they go online,” he said.

 The World Wide Web was highlighted as the most attacked transmission control protocol in Kenya.

Spammers and phishers mainly attack the Domain Name Server (DNS) responsible for IP to domain name resolution. “As per our analysis, the bulk of all malicious traffic detected during the second quarter of 2013 targeted port 53 followed closely by port 5060. Port 53 is used by DNS. DNS is responsible for resolving readable ‘host names’ into numeric IP addresses,” the report read. Portugal, Canada and China were reported to have the highest number of attackers. Financial institutions have in the past reported incidences of being hit by fraudsters.

They cited, electronic funds transfer, bad cheques, identity theft, credit card fraud, loan fraud, forgery of documents and online fraud as some of the ways used to defraud clients. Some organisations were noted to conceal this information from the public. This is because they want to protect the reputation of the business and also wanted to reduce the risk of legal action from clients and end users due to data theft.

According to the report, the top sources of malware in Kenya are China, the US and Korea. These are most active in attacking and targeting local Internet users.

Portugal, Canada and China were reported to be the leading countries with the highest number of attackers. TESPOK Chief Executive Fiona Asonga, urged companies to subscribe to Icsirt services to ensure network safety for effective transactions.