Executive Summary
The Sector Statistics Report for the Fourth Quarter of the 2018/19 Financial Year provides an overview of the performance and trends of the ICT sector for the period 1st April to 30th June 2019, which also included the focus on the Cyber Security Landscape.
Cyber Threats Statistics
Kenya’s mobile industry is among the most developed mobile eco-systems in Sub-Saharan Africa. This is mainly attributed to the existence of an appropriate policy and regulatory framework which has enabled rapid expansion of mobile networks and relatively affordable mobile services. It is estimated that at least 96 percent of the Kenyan population is covered by a mobile network.
The increased connectivity to mobile services has resulted in numerous economic benefits such as improved access to information, enhanced financial inclusion and ease of doing business and the digitization of several functions of the government and private sector under the management the ICT regulator. At the same time it has been a darling to cybercriminals who use the space to attack institutions.
During the period April – June 2019, the National KE-CIRT/CC detected 26.6 million cyber threat events as compared to 11.3 million cyber threat events detected in the period Jan –Mar 2019. This increase in the number of cyber threat events detected is attributed to the global increase in malware including ransom-ware attacks during this period.
Fig 1 Cyber Threats Statistics
| Cyber Threat
|
Jul-Sep 19
|
Oct- Dec 18
|
Jan-Mar 19
|
Apr-Jun 19
|
Totals FY 2018/19
|
| Malware | 1,844,897 | 9,026,924 | 8,883,862 | 21,137,458 | 40,893,141
|
| DDOS/Botnet | 911,298
|
453,371
|
1,133,893
|
2,353,460
|
4,852,022
|
| Web Application Attacks
|
1,064,971
|
737,289
|
1,222,237
|
3,084,687
|
6,109,184
|
| System vulnerabilities | 2,548 | 3,449 | 13,319 | 28,597 | 47,913 |
| Total | 3,823,714
|
10,221,033
|
11,253,311
|
26,604,202
|
51,902,260
|
The National KE-CIRT/CC analyzed the cyber threat events and issued cyber threat advisories to the affected critical infrastructure service providers. During the period April – June 2019, the National KE-CIRT/CC issued 16,347 advisories, which is a 15.3% increase from the 14,174 advisories sent in the previous period.
| Cyber Threat Advisories
|
Jul-Sep 19
|
Oct- Dec 18
|
Jan-Mar 19
|
Apr-Jun 19
|
Totals FY 2018/19
|
| Malware
|
1,478
|
2,365
|
1,286
|
1,586
|
6,715
|
| Botnet
|
159
|
243
|
378
|
88
|
868
|
| Web Application Attacks
|
828
|
271
|
249
|
387
|
1735
|
| System Vulnerabilities
|
3,565
|
9,101
|
11,900
|
13,754
|
38,320
|
| Others
|
354
|
217
|
361
|
532
|
1464
|
| Totals
|
6,384
|
12,197
|
14,174
|
16,347
|
49,102
|
CONCLUSION
At the National Cybersecurity Conference held by the Communications Authority of Kenya in Nairobi on 24th and 25th of October, one of the discussions was the report by the National Kenya Computer Incident Response Team Coordination Centre. According to the report, 26.6million cyber threats occurred in the country between April and June 2019. This means gone are the days where wars were made through guns and explosives. Cyber attack is the new warfare and none of us is safe because cyber space is considered an integral component in our lives as well as other social aspects.
During the 2018/2019 fiscal year, the National Computer Incident Response Team and Coordination Centre (National KE-CIRT/CC) that is hosted by the CA detected 52 million cyber-attacks targeting critical infrastructure in the country. This confirms that cyber criminals have a high affinity for data, which they can exchange for a fortune.
It is high organizations realize that they cannot evade the issue of securing their systems and data hoping they won’t be attacked. Prevention is better than cure right? Why not take proactive steps to enhance cybersecurity at your workplace from today.
We at Salaam Technology Limited are focused on ensuring that digital assets are secured from the hands of the hackers by conducting penetration testing on your system and cybersecurity awareness for the employees in your organization. Talk to us so that we can help you combat any cybersecurity challenge.
Get the full report here