Executive Summary

The Sector Statistics Report for the Fourth Quarter of the 2018/19 Financial Year provides an overview of the performance and trends of the ICT sector for the period 1st April to 30th June 2019, which also included the focus on the Cyber Security Landscape.

Cyber Threats Statistics

Kenya’s mobile industry is among the most developed mobile eco-systems in Sub-Saharan Africa. This is mainly attributed to the existence of an appropriate policy and regulatory framework which has enabled rapid expansion of mobile networks and relatively affordable mobile services. It is estimated that at least 96 percent of the Kenyan population is covered by a mobile network.

The increased connectivity to mobile services has resulted in numerous economic benefits such as improved access to information, enhanced financial inclusion and ease of doing business and the digitization of several functions of the government and private sector under the management the ICT regulator. At the same time it has been a darling to cybercriminals who use the space to attack institutions.

During the period April – June 2019, the National KE-CIRT/CC detected 26.6 million cyber threat events as compared to 11.3 million cyber threat events detected in the period Jan –Mar 2019. This increase in the number of cyber threat events detected is attributed to the global increase in malware including ransom-ware attacks during this period.

Fig 1 Cyber Threats Statistics

Cyber Threat

 

Jul-Sep 19

 

Oct- Dec 18

 

Jan-Mar 19

 

Apr-Jun 19

 

Totals FY 2018/19

 

 

Malware 1,844,897 9,026,924 8,883,862 21,137,458 40,893,141

 

DDOS/Botnet 911,298

 

453,371

 

1,133,893

 

2,353,460

 

4,852,022

 

Web Application Attacks

 

1,064,971

 

737,289

 

1,222,237

 

3,084,687

 

6,109,184

 

System vulnerabilities 2,548 3,449 13,319 28,597 47,913
Total 3,823,714

 

10,221,033

 

11,253,311

 

26,604,202

 

51,902,260

 

 

The National KE-CIRT/CC analyzed the cyber threat events and issued cyber threat advisories to the affected critical infrastructure service providers. During the period April – June 2019, the National KE-CIRT/CC issued 16,347 advisories, which is a 15.3% increase from the 14,174 advisories sent in the previous period.

Cyber Threat Advisories

 

Jul-Sep 19

 

Oct- Dec 18

 

Jan-Mar 19

 

Apr-Jun 19

 

Totals FY 2018/19

 

Malware

 

1,478

 

2,365

 

1,286

 

1,586

 

6,715

 

Botnet

 

159

 

243

 

378

 

88

 

868

 

Web Application Attacks

 

828

 

271

 

249

 

387

 

1735

 

System Vulnerabilities

 

3,565

 

9,101

 

11,900

 

13,754

 

38,320

 

Others

 

354

 

217

 

361

 

532

 

1464

 

Totals

 

6,384

 

12,197

 

14,174

 

16,347

 

49,102

 

CONCLUSION

At the National Cybersecurity Conference held by the Communications Authority of Kenya in Nairobi on 24th and 25th of October, one of the discussions was the report by the National Kenya Computer Incident Response Team Coordination Centre. According to the report, 26.6million cyber threats occurred in the country between April and June 2019. This means gone are the days where wars were made through guns and explosives. Cyber attack is the new warfare and none of us is safe because cyber space is considered an integral component in our lives as well as other social aspects.

During the 2018/2019 fiscal year, the National Computer Incident Response Team and Coordination Centre (National KE-CIRT/CC) that is hosted by the CA detected 52 million cyber-attacks targeting critical infrastructure in the country. This confirms that cyber criminals have a high affinity for data, which they can exchange for a fortune.

It is high organizations realize that they cannot evade the issue of securing their systems and data hoping they won’t be attacked. Prevention is better than cure right? Why not take proactive steps to enhance cybersecurity at your workplace from today.

We at Salaam Technology Limited are focused on ensuring that digital assets are secured from the hands of the hackers by conducting penetration testing on your system and cybersecurity awareness for the employees in your organization. Talk to us so that we can help you combat any cybersecurity challenge.

Get the full report here