CYBER SECURITY ISSUES IN KENYA 2018

WHAT IS A CYBER ATTACK?

A cyber-attack is an attack initiated from a computer against a website, computer system or individual computer (collectively, a computer) that compromises the confidentiality, integrity or availability of the computer or information stored on it.

 

Cyber-attacks may take many forms, including:

  1. Gaining, or attempting to gain, unauthorized access to a computer system or its data.
  2. Unwanted disruption or denial of service attacks, including the take down of entire web sites.
  3. Installation of viruses or malicious code (malware) on a computer system.
  4. Unauthorized use of a computer system for processing or storing data.
  5. Changes to the characteristics of a computer system’s hardware, firmware or software without the owner’s knowledge, instruction or consent.
  6. Inappropriate use of computer systems by employees or former employees.

 

The Most Common Cyber-security Issues in Kenya

  • Mobile Payment and Banking Hacks

Every online communication is potentially vulnerable, even mobile and online payments. With millions of attacks against financial institutions daily, the main defense most banks have is “creating money” out of thin air using credit based on the presumed resolution of the problem in the future. It’s a bubble that security professionals are scrambling to stabilize before it bursts.

  • Next-Generation Heart-bleed

Open-source weaknesses like Shellshock, Poodle and Heartbleed have challenged the resolve of many institutions. Professionals saw certificate problems connected to aging hashing schemes and problems related to the outdated versions of the remaining supported ciphers. If some of the major players in the online world are struggling, how can smaller businesses expect to cope? Plus, Info Security shared that, “According to Net Applications, Windows XP is still running on 10.9 percent of all desktops as of March 2016,” which doesn’t receive updates anymore to protect computers from cyber-attacks.

  • Advanced Phishing Scams

Most phishing scams are fairly transparent, and sophisticated users rarely fall for pop-ups asking for a password even though less-sophisticated users are still vulnerable to these. Worse, attacks could soon include a password text box cloned over a legitimate one to trick users into delivering their passwords to an attacker. Google is now developing a special password-alert feature to help protect against future phishing attacks.

  • Cyber Election Fraud

It’s well known that in the 2004 U.S Presidential election, the republican incumbent received a higher percentage of votes in the category of votes submitted on electronic Diebold voting machines. Plus, elections have faced “hacktivism,” or unauthorized access to networks to push a political agenda, since the 1990s. Unfortunately, the only defense against this broad range of attack type will be CIA and FBI spies on social media trying to ferret them out by joining their groups.

  • Cyber Insurance is the New Cyber-security Posture

The inevitability of loss due to cyber-attack has led many industries to rely heavily on cyber insurance. The problem has become so prevalent that buying insurance for it has become analogous to buying a disaster-insurance policy for homeowners. The one advantage of buying an insurance policy to back up your IT assets is that after the damage is done, companies are sure to restore lost assets by filing a claim. Short of that, technological defenses are only as good as the hackers who have yet to defeat them.

There’s Still Hope

The task of cyber-security is always an endless, uphill battle against an ever-increasing threat. The good news is that the people on the defensive side generally have more resources like better machines, better training and more time to build stronger defenses than the enemy. Therefore, I believe the defense has a significant head start.



Leave a Reply