Government Secures Systems Against Cyber Attacks
The Government is on high alert and has been keenly following the development following last week’s unique global cyber-attack that affected hundreds of thousands of computers in several countries, Cabinet Secretary (CS) Ministry of Information, Communication and Technology, Joe Mucheru has assured.
Mucheru said Kenya has heightened cyber monitoring and surveillance mechanisms to prevent and eliminate any possibility of remote attack or any spread of the interferences in the local cyberspace.
Speaking on Tuesday during the ‘Thought Leadership Forum on Cyber Security’ at a Nairobi hotel, the CS assured the public that the government computer systems and networks, including the information they held were secured.
“The cybercrime threat is real and the Government is concerned about the escalating risk of eventualities within the region,” he admitted, noting that the malicious encryption based ransom software that infected computers running on windows operating system had devastating consequences.
“The virus disrupted operations at car factories, hospitals, shops and schools. One case has been reported here in Kenya,” he said, noting that the virus locked more than 200, 000 computers in more than 150 countries lately.
Mucheru however cautioned that even as the government guaranteed the integrity and security of the government computer and information systems, Kenyans should be extra careful and be on the look-out for malicious applications that attempt to infiltrate their personal computers and smart phone devices.
“Avoid clicking on unsolicited strange and suspicious links or opening attachments and emails from unfamiliar sources. Organizations in financial services sector are particularly vulnerable, as they significantly rely on financial technology to link to each other, financial markets and to other sectors of the economy,” the CS noted.
With more than 75.3 percent of Kenyan citizens formally included in financial services, logically, a corresponding increase in cyber security investments in the financial services sector is expected.
The 2016 Cyber Security Report published by Serianu indicated that a whopping Sh17.5 billion (USD175 million) has been pilfered from Kenya’s economy by savvy cybercriminals.
Further, the report, indicated that about 44 percent of financial institutions run on a cyber-security budget of a paltry USD1 to USD1, 000 annually, whilst about 33 percent of financial institutions in Kenya had zero spending on all matters on cyber security.
According to the 2016 FinAccess Household Survey endorsed by the Central Bank of Kenya and the Kenya National Bureau of Statistics, the number of Kenyans formally included by the financial system has grown by 50 percent in the last ten years.
Mucheru noted that the Cabinet has already approved and forwarded to parliament for debate the Computer and Cyber Crimes Bill that sought to increase penalties for cybercrime and related corporate espionage.
Once enacted, he said, the new law would protect the confidentiality, integrity and availability of computer systems, programs and data, prevent unlawful use of computer systems, facilitate investigations and prosecution of cybercrimes and facilitate international co-operation against cybercrime.
“Every offence found under the Computer and Cybercrimes Bill affecting protected computer systems will attract 25 years of imprisonment or a fine of Sh.25 million or both,” the CS said, noting that harsh penalties proposed to be imposed against cybercriminals must be commensurate with the heavy economic and psychosocial loss and damage they cause.
The CS acknowledged the immense secrecy in the occurrence of breaches in institutions which has compounded the problem, saying such gaps were detrimental to institutions and those of the consumers.
“Quantifying the exposure or the resilience of organizations both in public and private sector to cyber security incidents is challenging. This is because of the absence of standardized data about such occurrences,” Mucheru noted, adding that if not addressed, such breaches could have significant detrimental effect on individuals, financial loss or any other significant economic or social disadvantage.
Mucheru said the forum was timely as it should come up with recommending strategies that would forestall eventualities in the country to manage such as the latest cyber security attack in the country.
Edward Kiptoo, Lead Information Security Officer Middle East and Africa (MEA) said the volume and sophistication of cyber threat was increasing in part due to increased connectivity of persons and organizations.
“Good back-up and building integrity in back-ups is therefore key to address cyber security issues,” he stressed, adding that the current cyber threats were being operated by bad actors who moved with the speed of light and that the victim learns of the attack probably six months after the damage has already been done.
Information is a crucial asset in all organizations and its protection is a key success factor to thriving in the digital world.
Estimates show that cybercrime could cost the global economy up to Sh57.5 trillion (USD575 billion) in 2017 while experts are projecting that come 2019, an estimated 2 trillion dollars would be lost in cybercrime.
By Wangari Ndirangu