Hackers find new ways to access your secret accounts
Hacking attacks on Kenya’s financial systems, including mobile banking, nearly tripled to 444 million in the year ending June 2022, highlighting the vulnerability associated with increased internet access in the country .
Cyberattacks rose by 158.4 million a year earlier as more people worked from home, ordered products online and made payments via mobile phones.
An email scam using a message from someone claiming to be a relative of a deceased African leader asking for bank details is well known, but now the tactics have changed.
Today’s cybercriminals don’t need user approval or awareness to access valuable data, which could lead to the theft of a large sum of money.
Kenya’s highly digitized economy linked to mobile money via telecom operators and banks has made the country a target for cybercrime and online fraud, with banks losing hundreds of millions every year.
The Central Bank of Kenya (CBK) said it has engaged payment service providers (PSPs) to provide vigilance and defenses, especially during festive seasons.
ALSO READ: New Cybersecurity Course Targets Financial Sector
“This increase in cyber threats against local targets has been attributed to increased internet penetration, adoption of e-commerce and cloud-based services to support remote working as well as an increase in the use of social media,” said Kenya Financial Sector Stability. The report says.
Cyberattacks have become a major risk for businesses in Kenya due to the increased use of mobile and internet banking services which have exposed bank customers to cybercrime, particularly fraud, malware and phishing attacks .
Financial malware includes viruses designed and developed to harvest financial information and steal money from individuals and businesses.
Hacking continues to cost companies billions of shillings and sensitive information, prompting them to harden their remote work systems.
According to the Allianz Risk Barometer 2022 report, the most feared cause of business disruption is cyber incidents, reflecting the increase in attacks, the impact of businesses’ growing reliance on digitalization and the shift to digital working. distance.
There were over 200 million cases of malware attacks which accounted for the majority of cyber hackers in Kenya, especially ransomware.
Ransomware is a type of malware attack in which the attacker locks and encrypts the victim’s important data and files and then demands payment to unlock and decrypt the data.
Distributed Denial of Service (DDoS) – an attack where hackers block operations of systems until a ransom is paid – is ranked second.
READ ALSO: Why passwords are the weakest link in the war against online fraud
DDoS attacks occur when hackers install malware on a network and then remotely control computers to disrupt normal traffic on a targeted server by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic.
Some of the attacks are carried out through phishing attempts where criminals collect personal data and use it to siphon off money.
Phishing occurs when criminals send legitimate-looking emails from reputable websites asking for personal and financial information from unsuspecting people.
Widely circulated links promising free airtime, money and other products have been used in phishing attacks to collect personal data and use it to siphon off money.
The increase in cyberattacks underscores the growing vulnerability of institutions such as banks and government offices that risk losing confidential information and billions of shillings to hackers.
The Communications Authority of Kenya (CA) issued 7.9 million notices in the year to July 2022, up from 93,696 last year, in a bid to curb the upsurge in attacks.
The CA has asked Kenyans working from home and their businesses to change their default passwords and enable multi-factor authentication (MFA) where applicable.
It also instructed users to perform system monitoring and be on the lookout for any suspicious network activity and use firewalls to track incoming and outgoing activity of various applications installed on their computers or devices.
The regulator further advised users to choose apps and plug-ins carefully, as most backdoors hide in seemingly benign free apps and plug-ins.
ALSO READ: Alarm as state-sponsored cybercrimes continue to rise
Kenya will also benefit from the establishment of one of two Internet Corporation for Assigned Names and Numbers (ICANN) data centers in Africa, intended to increase internet speeds and make it more difficult to jam networks by hackers.
The data center will provide higher bandwidth and data processing capacity, reducing the risk of internet outage due to cyberattack. Increased capacity reduces the impact of attacks.
ICANN’s servers will specifically reduce the impact of cyber DDoS attacks which work by overwhelming servers with a flood of requests.