× Business BUSINESS MOTORING SHIPPING & LOGISTICS DR PESA FINANCIAL STANDARD Digital News Videos Health & Science Lifestyle Opinion Education Columnists Moi Cabinets Arts & Culture Fact Check Podcasts E-Paper Lifestyle & Entertainment Nairobian Entertainment Eve Woman Travelog TV Stations KTN Home KTN News BTV KTN Farmers TV Radio Stations Radio Maisha Spice FM Vybez Radio Enterprise VAS E-Learning Digger Classified Jobs Games Crosswords Sudoku The Standard Group Corporate Contact Us Rate Card Vacancies DCX O.M Portal Corporate Email RMS

Alarm as hackers take down crucial State websites

By Frankline Sunday | June 4th 2019
By Frankline Sunday | June 4th 2019

Attacks, including one on the crucial State’s IFMIS payments system, raise questions on the security of key public data.

The Government’s central payments database and 27 other websites of State agencies remained offline for several hours yesterday after hackers compromised their systems.

An attack on the State’s online portal used to pay suppliers and disburse funds to county governments - the Integrated Financial Management Information System (IFMIS) - was especially worrying, coming in the wake of repeated warnings that security and administrative flaws undermine the critical system.

Similar attacks on the websites of other key State agencies, including the National Youth Service, the Judicial Service Commission and the Energy Regulatory Commission also brought into question the safety of key public data.

The attack on IFMIS rendered the platform inaccessible for the better part of the day, with users being redirected to a page containing the logo of the KURD Electronic Team, the hackers who claim to be behind the attacks.

The hackers also claimed to have taken down the Machakos County Assembly website.

By the time of going to press, several of the websites had been restored, with the National Treasury saying the core IFMIS network had been unaffected.

“IFMIS system is up and running,” said a statement from IFMIS. “There has not been any hacking in the Government Financial System. Hackers tried to deface the IFMIS public website. The website and the system are hosted in two different physical environments.”

However, access to the IFMIS site used by government suppliers and prospective bidders to access crucial procurement information was still inaccessible by late evening.

The attacks have put the Government on the spotlight, with the National Treasury and the ICT Ministry hard pressed to explain the security lapse given previous warnings of vulnerabilities in IFMIS and generous budgetary allocations to safeguard the platform. In the 2018/2019 financial year, Treasury received Sh153 million for implementing and maintaining ICT resources, including licence renewal payments to tech giant Oracle for IFMIS as well as procurement of end-to-end connectivity for several counties.

The outage also came weeks to the close of the 2018/2019 financial year where State departments and counties are currently reconciling their payments accounts.

IFMIS was first introduced in the country in 2003 with limited modules for automation and most processes remained manual for several years. The system was then re-engineered in 2012 at a cost of Sh10 billion to include all ministries, government departments, agencies, and later counties.

Several governors, including Kirinyaga’s Anne Waiguru and her Kiambu counterpart Ferdinand Waititu recently blamed Treasury for producing conflicting reports from IFMIS that allocated State functions to county expenditure.

Share this story
NBK put to task over its takeover by KCB
Lender’s managers surprised legislators by saying they are unaware of details of the takeover bid.
CS Najib Balala summoned over stalled project
There have been reports of cut-throat competition between agencies under the Ministry of Tourism.