Uncovering Kenya’s System Attack Trends

Blog by

Angela Violet

Cybersecurity & IT Risks Associate (CITRA) 

South-End Tech Limited

In an era dominated by digital dependence, Kenya has not been immune to rising cyber threats. Between October and December 2023, the East African countries saw a spike in system attacks, highlighting an alarming trend in cybersecurity. Most attacks were directed against organizations in the ICT sector. The attackers targeted database servers, operating systems, various Internet service provider (ISP) infrastructures, and cloud-based services. Most of the attackers exploited vulnerabilities in older operating systems and compromised 4,444 user credentials. The rapid increase in the exploitation of system vulnerabilities, a vector that has long been exploited by cyber threat actors, can be attributed to the proliferation of the Internet of Things. Let’s dig deeper into the circumstances of these incidents and examine their impact.

1. Resurgence of Ransomware:

During this period, Kenya saw a resurgence of ransomware attacks targeting both government agencies and private businesses. The attackers used sophisticated tactics to infiltrate systems, encrypt sensitive data, and demand a large ransom for the decryption key. These attacks not only disrupted operations but also caused financial losses and undermined trust in digital infrastructure.

2. Phishing Techniques:

Phishing has emerged as a widespread threat vector, with cybercriminals using fraudulent emails, messages, and fake websites to trick users into leaking sensitive information such as login credentials and financial details. This method has proven particularly effective against unsuspecting individuals and organizations, highlighting the importance of robust cybersecurity awareness and training efforts.

3. Supply chain compromises:

Supply chain compromises also increased during this period, with attackers targeting third-party vendors and service providers to compromise interconnected systems. By exploiting vulnerabilities in supply chain networks, attackers can compromise high-value targets with relative ease, highlighting the interconnected nature of modern cybersecurity challenges.

4. Insider Threat:

During this period, insider threats posed a significant risk to data integrity and confidentiality. Malicious insiders, such as disgruntled employees or unwitting accomplices, used privileged access to launch cyberattacks or leak sensitive information. Addressing insider threats required a multi-pronged approach that included strict access controls, employee monitoring, and a comprehensive risk mitigation strategy.

5. Vulnerability Exploitation:

Exploitation of software vulnerabilities remains an ongoing problem as threat actors actively target unpatched systems and outdated software. Known vulnerabilities in common applications and operating systems are hotbeds for exploitation, highlighting the importance of timely patch management and proactive cybersecurity measures.

6. DDoS Attacks:

Distributed Denial of Service (DDoS) attacks posed major challenges to Kenya’s digital infrastructure during the specified period. By flooding targeted networks and servers with malicious traffic, attackers disrupted online services and made them inaccessible to legitimate users. The widespread availability of DDoS rental services has exacerbated the threat landscape, requiring strong mitigation strategies and collaboration among stakeholders.

A convergence of systemic vulnerabilities and evolving threat tactics from October to December 2023 highlights the need for heightened vigilance and proactive cybersecurity measures in Kenya. As digital transformation accelerates across industries, protecting critical infrastructure and sensitive data remains a top priority. By fostering cooperation, investing in cybersecurity capacity, and increasing awareness, Kenya can strengthen its defenses and reduce the risk of emerging cyber threats. Only through collective action and continuous adaptation can the nation navigate the complex cybersecurity environment and safely harness its digital potential.

Please do not hesitate to contact us for your Cybersecurity and Data Protection Solutions and Service needs by telephone at +254115867309, +254721864169, or +254740196519, or by email at aviolet@southendtech.co.ke, cybersecurity@southendtech.co.ke, or info@southendtech.co.ke.
