Kenyan Govt Websites among Most Targeted Systems by Hackers amid Surge in Cybercrime
- Kenya’s critical information infrastructure, including government websites, became key targets for cybercriminals in the past year
- Between October and December 2024, the National KE-CIRT/CC detected over 840 million cyber threat events, marking a notable increase from the previous quarter
- Malware attacks accounted for 33.9 million threat attempts, web application attacks saw a 29.04% increase and nearly 35 million attempts of brute force attacks were detected
- Allan Lwala, a cyber and information security consultant, told TUKO.co.ke that malware attacks involve malicious softwares designed to infiltrate, damage, or exfiltrate data from systems
Elijah Ntongai, a journalist at TUKO.co.ke, has more than three years of financial, business, and technology research and reporting expertise, providing insights into Kenyan and global trends.
Kenya’s critical information infrastructure, including government websites, became prime targets for cybercriminals following a surge in cybercrime threats towards the end of 2024.
Source: UGC
According to the cyber security report for the second quarter (Q2) of the financial year 2024/25, between October and December 2024, the National KE-CIRT/CC detected over 840 million cyber threat events.
This marked a significant rise in cyber attacks that utilised sophisticated methods, including malware, web application, and brute force attacks during Q2 compared to Q1.
According to Allan Lwala, a cyber and information security consultant, malware attacks involve malicious software designed to infiltrate, damage, or exfiltrate data from systems.
"Malware is the blanket term that covers any software that causes issues with the normal operation of any system. They include viruses, worms and trojans. Web App attacks are those that target public-facing systems like Websites, Portals, Web applications, etc. Brute force attacks are on passwords. Manipulating user credentials to gain access to systems illegally," Lwala told TUKO.co.ke
Malware attack trends in Kenya
Malware attacks saw an uptick with 33.9 million detected threat attempts in Q2. These attacks primarily targeted vulnerable systems, including internet service providers (ISPs), cloud service providers, and government systems.
According to the report by the Communications Authority of Kenya (CA),
"Malware attacks majorly targeted vulnerable systems or those systems holding financial or sensitive data. These attacks were aimed at undertaking data exfiltration, backdoor deployments, impact brand reputation and to encrypt or damage user data."
The National KE-CIRT/CC issued advisories, recommending security measures such as integrating security by design during software development, asset management with patch management, and improving end-user cyber hygiene.
The agency also advised organisations to deploy Domain-Based Message Authentication, Reporting, and Conformance (DMARC) and spam filters to mitigate risks from malware threats.
Web application attack trends in Kenya
Web application attacks surged by 29.04%, with 4.5 million attempts recorded in Q2. These attacks also largely targeted government systems and ISPs, focusing on exploiting weaknesses in user login credentials, web browsers, and database servers.
CA noted that attackers often took advantage of misconfigurations in SSL/TLS security to gain unauthorised access to valuable data, damaging the reputation of affected organisations by leaking sensitive information.
To mitigate this threat, the National KE-CIRT/CC recommended disabling SSL 3.0 support in systems, upgrading end-of-life products, and applying relevant patches and updates.
Brute force attack trends in Kenya
Brute force attacks were also a significant concern, though they saw a slight decrease of 8.79% compared to the previous quarter.
The National KE-CIRT/CC detected nearly 35 million brute force attempts, primarily targeting government systems and cloud service providers.
The National KE-CIRT/CC recommended stronger password management, patching vulnerabilities in network-based services, and disconnecting devices from the network when not in use. These steps, alongside regular software updates, are crucial for reducing the risk of brute force attacks.
Why cyber threats have increased in Kenya
As earlier reported by TUKO.co.ke, CA noted that the alarming rise in cyber threats in Kenya and globally can be attributed to the growing use of artificial intelligence (AI) and machine learning (ML) technologies by cybercriminals.
Additionally, factors like inadequate patching of systems, and a lack of awareness about various threats such as phishing and social engineering attacks and hacktivism, played a role in fueling the increase in cyber incidents.
In response to these growing threats, the National KE-CIRT/CC issued a total of 11.58 million advisories, a 20.9% increase compared to the previous quarter.
These advisories focused on critical security practices, urging organisations to regularly update systems, implement strong access controls, strengthen antivirus protections, and utilise multi-factor authentication.
Proofreading by Mercy Nyambura Guthua, journalist and copy editor at TUKO.co.ke
Source: TUKO.co.ke
Elijah Ntongai (Business editor) Elijah Ntongai is an MCK accredited journalist and an editor at TUKO.co.ke's business desk, covering stories on money, the economy, technology, and other business-angled stories. Ntongai graduated from Moi University with a Bachelor's in Linguistics, Media and Communication. Ntongai is trained and certified under the Google News Initiative and Reuters Digital Journalism. For any correspondence, contact Ntongai at elijah.ntongai@tuko.co.ke.
Allan Lwala (Cyber and Information Security Consultant) Allan Lwala is a cyber and information security consultant with over 10 years of experience. He is from Kenya and is currently based in Uganda. His background is in psychology, communication, and German studies from the University of Nairobi.
