19 Kenyan firms hit by costly ransomware cyber attack

19 companies in Kenya  hit by the WannaCry virus attack.

At least 19 companies in Kenya have been hit by the WannaCry virus attack that has affected more than 300,000 users in about 300 countries.

Friday, the Communications Authority of Kenya announced that the WannaCry cyber-attack that has gripped the global cyberspace since last week Friday hit home as local firms started reporting attacks on their IT infrastructure.

CA said there have been 19 incidents reported to the Kenya Computer Incident Response Team (KE-CIRT) but did not say whether the organisations that reported the attack have managed to regain control of their systems.

The WannaCry ransomware locks files in a computer and instructs users to pay Sh30,000 ($300) in the Internet currency Bitcoin to free them up but cyber security experts warn that payment of the ransom amount does not guarantee that the files will be freed up.

“So far, the National KE_CIRT has received 19 reports of incidents where the WannaCrypt0r virus has infected networks and computers in Kenya.

The Authority will continue working with stakeholders to mitigate the effects of such incidents while encouraging parties to put in place preventive measures,” said CA in a statement signed by Matano Ndaro, Director of Competition, Tariffs and Market Analysis.

Since Friday May 12, an estimated 300,000 computers in about 300 countries have been infected.

The attackers have reportedly been paid $80,000 (Sh8 million) as of Wednesday, worth of Bitcoin, a relatively low amount owing to factors such as difficulties in converting cash to the cryptocurrency.

More attacks

Some victims have been heeding the call by law enforcement agencies not to pay the cyber criminals.

Industry experts have in the past cautioned both private sector and Government agencies to increase investment in cyber security, considering the central role that networks are playing in the lives of Kenyans.

“The Authority through the KE-CIRT will continue liaising with local and international stakeholders to prevent and manage incidents of this cyber threat,” Ndaro said.