By Steve Mkawale
Kenya: The text messages in your phone can easily be accessed by intelligence agencies and even private individuals keen to know your personal secrets.
Hacking of SMS data and emails is already at the centre of an international scandal in which the United States government was caught red-handed snooping into the communication secrets of presidents of foreign countries like Germany and Mexico.
Closer home, suspicion has always been rife that our own National Intelligence Service (NIS) has been creeping behind our backs to know what we communicate using our phones and computers.
In fact, monitoring of telephone conversations was prevalent even before the advent of mobile telephony.
Hacking and tapping of communication channels for prominent personalities and persons of interest to governments started in Kenya way back during the era of the Special Branch Unit.
According to a former spy who spoke to us on condition of anonymity, the hacking of communication channels in Kenya started when the country had fixed telephone lines.
“We used to have our officers stationed at the Kenya Post and Telecom Corporation offices countrywide. They would monitor telephone conversations of senior government officers and even intercept mails,” said the former spy who worked for the government for more than 15 years.
Recently, Nairobi Senator Mike Sonko was in the news when he bragged that he uses spy technology better than those at the disposal of the country’s spy organisation.
Some spy applications like ‘ownspy’ that can be installed on smart telephones like the iPhone enable one to record all calls he gets and to intercept calls being made to or from other telephones, provided consent was previously given by the owner of the phone to be intercepted.
In the United States, Barack Obama’s government is battling damning revelations that its National Security Agency (NSA) was spying on foreign countries, most of them allies like Kenya.
In one case, it has been revealed that NSA, besides hacking into the presidential computer network of its southern neighbour, Mexico, during the reign of President Felipe Calderon, it also hacked into the 86,000 SMS messages of his heir Enrique Pena Neta.
The US is battling with diplomatic embarrassments after leakage of how the NSA works. Brazil president Dilma Rousseff cancelled a visit to the US and launched scathing attacks against the Obama government after revelation of how extensively the Americans were monitoring her country.
The latest country to protest is France which summoned the US ambassador in Paris over the huge scale of American spying on French citizens.
Data containing information on NSA activities was released to the world by former defence contractor Edward Snowden who has now sought asylum in Russia.
Information relating to the extent of US interference with electronic communications in Kenya have not been unveiled but according to initial reports, the country was one of the countries in Africa where NSA monitoring was highest.
The revelations show that the US monitors not only those of interest on security issues but also individuals in politics and business.
Some analysts say part of the US foreign policy might be based on information stolen in such manner.
With the revelations concerning how far modern technology can be compromised, questions are being raised about whether any information one has in a telephone or computer can any longer be regarded as private.
Besides monitoring of communications for espionage purposes, hackers with personal agenda can also take control of another person’s e-mail account and decide to use it to commit a crime or generate mails for ulterior motives.
IT consultant William Makatiani of Serianu Ltd says there are various ways one can detect email or Twitter accounts that have been hacked. He says active use of the compromised account- where the hacker uses the account to send messages or tweets is the easiest one to be detected.
“The very obvious situation is when the compromised account is used to send e-mails or unauthorised tweets.”
Another scenario is when a hacker gets access to the account for espionage purposes but does not use it to send out communication to any external users.
“In this case, the owner of the hacked account, will need to get access to the user/activity logs which show when the account was accessed and from which IP address the account was addressed,” he says.
Makatiani concurs that the practice is rampant in the country especially in work places. This can come in two forms. One is social, where suspicious spouses log into partners’ e-mail accounts to spy on them and, two, corporate espionage which involves spying to get corporate information on the competition.
Makatiani says mobile espionage is rampant in the country due to easy availability of software and also failure to protect passwords.
“Many users are now typing their passwords all over the place. Previously the password was only used on one device, but nowadays the password is used in at least two to three mobile devices. As a result most users don’t practice password hygiene.
“Most users will log onto public (cybercafé PCs) and not sign off. In fact most users don’t like to change their passwords,” he adds.
Experts in the Information Technology industry warn that the situation is slowly getting out of hand and no one is safe.
With the introduction of computer software that can monitor and access text messages from mobile phones and other spyware available online, the safety of your e-mails and other vital documents in your computer is not guaranteed.
Kenyan politicians have over the years claimed that the NIS has been snooping on them by tapping their phones and even hacking e-mails.
Soon after the Westgate Shopping Mall siege that left more than 70 dead and hundreds injured, MPs criticised the NIS of failing to prevent the attack because they spend too much of their time snooping on politicians.
Sometime back, a hacker to defaced the website of the Kenya police.
Although there was no information about the hacker’s motives for targeting the website, that was a pointer that hacking was rampant in Kenya.
Sometimes these attacks can be claimed by an entire hacking crew.
It was not the first time when Kenyan law enforcement agencies are targeted by hackers. The site of the Administration Police, a separate interior ministry department, was defaced on two separate occasions in the year 2011.
Information Communication Technology (ICT) experts interviewed by the Counties confirmed that hacking of communication channels is rampant in the country.
“This practice is unacceptable, illegitimate and contrary to Kenyan and international law,” said IT expert John Karanja says.
The NIS apparently has powers, in the NIS Act of 2012, to snoop into people’s private communication. Article 6 (2) (c) says the Service shall have the powers to “monitor and record electromagnetic emissions, acoustic emissions and other emissions” for the purpose of guarding national interests.