Kenya, rest of the world remain on high alert after new wave of cyber threats in 2024

The National KE-CIRT/CC detected over 650 million cyber threat events over the period July - September 2024.

Around July this year, reports of Kenyans struggling to access government services on the e-Citizen platform exposed what later emerged to have been a series of cyber-attacks targeting the site by the infamous Anonymous Sudan cybercrime group.

Anonymous Sudan, an online cybercriminal group responsible for tens of thousands of Distributed Denial of Service (DDoS) attacks against critical infrastructure, corporate networks, and government agencies around the world, claimed responsibility for the attacks that paralyzed services for several days.

The attack gave the country a feel of the crisis that results from hackers accessing critical sites that Kenyans rely on every day. The timing of the attack further tested the government's capability to cushion itself against cyber-attacks.

The timing of the attack, however, showed that the group's tentacles are yet to be fully cut, as it occurred months after the Federal Bureau of Investigation (FBI) seized their powerful DDoS tool, which was responsible for widespread damage and disruptions to critical infrastructure and networks around the world.

In an announcement made on October 16, the State Department of Justice said the seizure occurred when two of the group's members, Ahmed Salah Yousif (22) and Alaa Salah Yusuuf Omer (27), were indicted for carrying out similar attacks in the country.

The arrest also de-anonymized the persons behind the group, who were responsible for the activities that began in early 2023, when the hackers and their customers used the group's Distributed Cloud Attack Tool (DCAT) to conduct destructive DDoS attacks and publicly claim credit for them.

"In approximately one year of operation, Anonymous Sudan's DDoS tool was used to launch over 35,000 DDoS attacks, including sensitive government and critical infrastructure targets within the Department of Justice, Defense, the FBI, the State Department, Cedars-Sinai Medical Center in Los Angeles, and government websites for the state of Alabama," the documents state.

A hooded man holds a laptop computer as cyber code is projected on him in this illustration picture taken on May 13, 2017. REUTERS

Other U.S. victims included major technology platforms, among them Microsoft Corp. and Riot Games Inc., and network service providers, in attacks that resulted in reported network outages affecting thousands of customers for days, causing more than USD10 million in damages to victims.

Kenya remains on edge over possible attacks, especially with the growing grievances against the government that saw some gain access to court proceedings and other platforms to pass on a message against those in authority.

Cyber threat events

The National KE-CIRT/CC detected over 650 million cyber threat events over the period July - September 2024, a drop from the over 1.1 billion cyber threat events detected over the period April - June 2024.

The majority of the attacks targeted system vulnerabilities, a situation that has been worsened by the continued adoption of AI-enabled attacks, continued attacks targeted at system misconfigurations, and continued adoption of botnets and Distributed Denial of Service (DDoS) attack techniques.

"Cybercriminals are increasingly using AI-enabled attacks to enhance the efficiency and magnitude of their operations. They leverage AI and machine learning to automate the creation of phishing emails and other types of social engineering. Further, they are increasingly targeting system misconfigurations to exploit security weaknesses. These include open ports, insufficient access controls, amongst others, enabling cybercriminals to gain unauthorized access to systems, steal sensitive data, or even deploy malware," Communications Authority of Kenya Director General David Mugonyi notes in the July-September cybersecurity report.

Another attack that shook the globe this year was the DDoS attack on Microsoft that created a significant disruption across its cloud services for nearly 10 hours, affecting a range of services including the Azure application, which consequently led to the disruption of flight schedules, business and customer services globally.
