There is general notion about internet crime which has sank into our minds saying cyber crime only happens in developed countries leaving a country like Kenya aside. This is one of the silent crimes committed in the world with its price watering down efforts of big investments within a span of seconds.
Cybercrime has been witnessed in big entities like government agencies, tech companies, banks and military firms forcing them to spend huge amounts of money on security matters to keep the data safe. With ballooning of private business and gradual transformation of digital and computer sectors in the developing world, content creation and dissemination are still a challenge, confidentiality of digital contents is still exposed because hackers are all over the space trying to improve their hacking skills.
Cyber-attack therefore, has been narrowed down to small businesses after big companies developed sophisticated security checks which have sheltered the evil-doers from penetrating into their systems and haltering the data. According to the report released by Communications Authority 2018/2019, the perpetrators are now targeting vulnerable groups of people who mostly use cyber cafés and mobile phones.
Kenya’s statistics of data breach released by Communications Authority (CA) in 2018/2019 shows shocking revelations, the increasing threats targets Kenya’s cyberspace with 10.2 million cyber events and millions of unreported cyber users who fall prey every single day. These criminalities vary at different levels depending on the motive of the doer, they can be classified in two categories; personal attack and company attack.
Individual online fraud
Individual attacks target a single person for specific reasons, Online abuse or online fraud leads in this category, intruder gets information through social media accounts, hacking your mobile phone or computer, unsolicited calls and emails, bank accounts detail as well as lost personal items and information. It becomes hard when an intruder gets into your personal space because they eventually change password and manipulate your data, others can start analyzing your financial data and focus bargaining heinous schemes or siphon your finances in the bank. It advisable therefore, to log out your accounts or avoid saving your password in the cyber after accessing your data, because perpetrator will be able to get into your details unknowingly and extract some sensitive data and block you from accessing your account.
In this digital era, information sharing has increasingly impacted on our daily lives, improving communication networks in Kenya and around the world, many people prefer accessing their accounts directly using mobile data bundles which is 100% secured while others use company’s WIFI which is a bit secure compared to public WIFI. Nowadays there are free WIFI at public institutions, luxury restaurants and hotels, waiting rooms in airports, museums, bookstores, parks and cinema halls. Surprisingly this privilege comes at a price, fortunately a few understand its risks and can avoid while others ignore and pay the price later. For those using public WIFI, they fall into hands of hackers who distribute deadly malware, these hackers can easily plant sophisticated virus or infected software on your mobile phone or computer without your notice.
The recent case of stealing 2.2million from ATMs in Thika on the eve of Mashujaa Celebrations 19/10/2019 where DCI Thika Branch conducted a search leading to arrests of suspects. The video tape exposed two security officers; Stanley Nyakundi and Godfrey Masinde Simiyu who had been working with Mwaura, the ring leader and mastermind. They had transacted over 2 million in September 2019.
According to the DCI their activities and network is wide and perhaps they had managed to siphoned millions of shillings from M-pesa shops and mobile user after calling and claiming to offer accounts assistance.
Confidentiality-breach in banks was witnessed in Kisumu on 1th July 2019 after Omondi, A businessman received unsolicited callers claiming to be from Kenya Commercial Bank Kisumu and wanted to be provided with bank details so that they aid, and later lost all his 229,894 shillings.
Other personal information breach includes hate speech, incitements and fake news which affects social media user and consumers who fall prey after using information wrongly in the social media accounts.
The advanced cyber-attack is executed in companies or organizations where a gang of IT specialists study the functioning of the company’s functioning systems, they access website, emails or computer systems and purposely disrupts the normal functioning of the systems. The common attack is Denial-of -Service (DOS), attacks the offender disrupts the normal functioning of the computer services and intrude into the company’s data.
Phishing attacks is another deadly cyber security trap, opening phishing emails from spam folder creates a links with malicious software which is implanted with deadly virus that has potential to interfere with your data. The spam folder contains these messages indicating attractive invitations and offers, opening them will affects the normal functioning of your smart phone or computer and eventually compromising passwords and data.
High-tech cyber-crime done in Kenya takes a span of time and can cause economic disruption because it destabilizes the normal functioning of the company. Around January 2019, The Director of Criminal Investigation reported cybercrime act conducted by 130 people between June 2018 to January 2019 and issued warrant of arrests in connection with electronic fraud. These people were reported trying to hack Commercial Bank systems several times. The bank immediately notified lenders to be extra careful about transacting their services without proper procedure.
During investigation, A detective, who spoke anonymously so as not to interfere with investigation said the rise in cyber fraud targeting financial institutions had been on significant rise forcing security agencies to speed up investigations and arrests to contain the situation “The amount involved are staggering to massive losses banks incur every year” He said.
Measure to curb cybercrime
As for measures and recommendations to curb cybercrime in Kenya, a company must remain firm and strong in keeping its data and maintain other services, it should have good approach in handling computer services and data to keep away cybercrime and computer related activities.
Most companies in Kenya employ computer experts’ who are good in developing Incident Response Plan and are tasked with maintaining the company’s systems, updating the software and informing staff on the risks of intruders or perpetrators getting into the system. These experts can come up with special keys and codes which can be used to protect company’s data and systems hence can offer training to staff so that they can easily detect threats and take immediate measures. They also offer serialized codes and process their details for security purposes.
A good company will always implement administrative accounts and identify specific admin who supervises the whole system, knows where the sensitive data is and always knows which means the data will be shared. It is important also to improve security systems by testing security product often to determine its capability, assessing notifications and to improve performance. In additional, it’s good to use strong encryption to keep data safe from intruders and clean and up to date backups to safe data from getting lost in case of any incidence.
It is therefore advisable to be extra careful while using computer or mobile services.