The global and Kenyan cyber-security landscape

As the uptake of technology increases in virtually every industry, the hunting ground for cyber-criminals has also expanded exponentially, making cyber-attacks ever more common. The figure below, taken from Kenya’s National Cyber-security Strategy 2014, shows the advancement of attack sophistication from 1980 to 2014.

Trends in Cybersecurity

Kenya has not been spared either: cyber threats have been on the rise locally, especially given that Kenya has the highest internet penetration in Africa, with over 31 million people having access to the internet.

The Communications Authority’s first quarter report for 2018/19 shows the National Cybersecurity Centre detected 3.82 million cyber threats, a rise from the 3.46 million reported in the previous quarter. Within the review period, the banking sector remained the most targeted industry, followed by government institutions. The latest statistics from the National Kenya Computer Incident Response Team Coordination Centre (KE-CIRT-CC) are shown below.

Cyber Threats Detected

Some global statistics related to cyber security, as updated in March 2019:

  • It takes half a year to detect a data breach.
  • 43% of all cyber-attacks are aimed at small businesses.
  • 91% of attacks launch with a phishing email.
  • A business falls victim to a ransomware attack every 14 seconds.
  • 38% of malicious attachments are masked as one Microsoft Office type of file or another.
  • Cyber criminals managed to exploit the credit cards of 48% of Americans back in 2016.
  • The global cost of online crime is expected to reach $6 trillion by 2021.

The top 5 security threats in Kenya

Top 5 threats in Kenya today (April 2019) include:


Botnets

The word “botnet” is a combination of the words “robot” and “network”. Devices in a botnet are infected with malware that allows hackers to remotely take control of a number of devices at a time, usually without the knowledge of the device owner.

Ways to prevent botnet malware:

  • Install trusted, powerful antivirus software on your computer.
  • Set your software settings to update automatically.
  • Be careful what you click, download, or open.

Social Engineering

Social engineering is the art of manipulating people into doing things, particularly security-related actions such as giving away computer access or revealing confidential information. Rather than breaking into computer networks or systems, social engineers use psychological tricks on humans. The best defense against social engineering is employee education and training.


Ransomware

Ransomware is a form of malicious software (malware) that takes over your computer and threatens you with harm, usually by denying you access to your data. The attacker demands a ransom from the victim, promising to restore access to the data upon payment.

Users are shown instructions on how to pay a fee to get the decryption key. The costs can range from a few hundred dollars to thousands, payable to cybercriminals in Bitcoin.

How to prevent ransomware

There are several defensive steps you can take to prevent ransomware infection. These steps are of course good security practices in general, so following them improves your defenses against all sorts of attacks:

  • Keep your operating system patched and up-to-date.
  • Don’t install software unless you know exactly what it is and what it does.
  • Install antivirus software, which detects malicious programs like ransomware as they arrive, and whitelisting software, which prevents unauthorised applications from executing in the first place.
  • And, of course, back up your files, frequently and automatically! That won’t stop a malware attack, but it can make the damage caused by one much less significant.

Crypto jacking

Crypto jacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.

Crypto jacking occurs when you visit a website that runs a malicious script that hijacks your CPU. You can install browser extensions that prevent this from happening.

Denial-of-Service (DoS)

Imagine you’re sitting in traffic on a one-lane country road, with cars backed up as far as the eye can see. Normally this road never sees more than a car or two, but a major show and a major sporting event have ended around the same time, and this road is the only way for visitors to leave town. The road can’t handle the massive amount of traffic, and as a result it gets so backed up that pretty much no one can leave.

That’s essentially what happens to a website during a denial-of-service (DoS) attack. If you flood a website with more traffic than it was built to handle, you’ll overload the website’s server and it’ll be nigh-impossible for the website to serve up its content to visitors who are trying to access it.

Single-origin DoS attacks can be mitigated in the following ways:

  • Victims can block the originating IP address, either at the firewall level (to kill HTTP requests) or further upstream at the ISP level (to kill network-level floods).
  • Enterprise products can identify and block single origin attacks as soon as they begin.
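
One way a single-origin flood can be identified before the source is blocked, as an added example (not from the original article or any MTN product): a sliding-window count of requests per source IP over web access-log lines. The log format, the thresholds and the sample addresses are assumptions, and the sample log is constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

def parse_line(line):
    """Return (source_ip, timestamp) from a common-log-format line."""
    ip = line.split(" ", 1)[0]
    stamp = line[line.index("[") + 1:line.index("]")]
    return ip, datetime.strptime(stamp, "%d/%b/%Y:%H:%M:%S %z")

def single_origin_floods(lines, window_s=10, max_requests=20):
    """Return {ip: peak count} for every source that sends more than
    max_requests within any sliding window of window_s seconds."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)      # ip -> timestamps still inside the window
    peaks = {}
    for line in lines:
        ip, ts = parse_line(line)
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:    # forget requests older than the window
            q.popleft()
        if len(q) > max_requests:
            peaks[ip] = max(peaks.get(ip, 0), len(q))
    return peaks

def make_sample_log():
    """Constructed sample: two ordinary clients and one flooding source,
    all using documentation-only IP ranges."""
    lines = []
    for sec in range(30):
        sources = []
        if sec % 3 == 0:
            sources.append("192.0.2.10")
        if sec % 5 == 0:
            sources.append("198.51.100.23")
        if 10 <= sec < 20:
            sources += ["203.0.113.7"] * 5   # 5 requests per second
        for ip in sources:
            lines.append(f'{ip} - - [01/Apr/2019:12:00:{sec:02d} +0300] '
                         '"GET / HTTP/1.1" 200 512')
    return lines

if __name__ == "__main__":
    for ip, peak in single_origin_floods(make_sample_log()).items():
        print(f"block candidate {ip}: {peak} requests in 10 s")
```

The returned addresses are candidates for the firewall or ISP block described above; thresholds need tuning against normal traffic so that busy legitimate clients are not cut off.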

How many enterprises have suffered gross attacks in Kenya? What is the estimated loss?

Most Kenyan companies remained mute over attacks on their individual portals, with nearly 90% of the crimes that hit banks going unreported in order to protect business interests. Even so, CA’s report said 140 malware (malicious software) attacks were reported, and the prolonged 2017 political period was blamed for 104 reported incidents of impersonation.

Three firms also suffered Distributed Denial of Service (DDoS) attacks leading to temporary lockdowns, while 24 cases of online fraud were reported and 64 online hate speech complaints were lodged.

Kenya Cybersecurity Report by Serianu (an information technology services consultancy firm) reports that Kenya lost Sh21.1 billion to cybercrime in 2017, a 40 per cent increase from Sh15.1 billion in 2015.

How does the MTN Managed security service help in addressing the above?

MTN offers an end-to-end security solution that protects you from the various forms of cyber attacks, with a range of products for endpoint protection (antivirus), network edge protection (firewall), mail security and web security, among others.

We also offer analytics via our dashboard that gives you a summary of the network security related activities on your network, with the Security information and event management (SIEM) providing a more detailed real-time analysis of security alerts generated by applications and network hardware.

A memorable cybersecurity rule/quote

“You may have the coolest toys to protect your data/network, but the weakest link in the fight against cybercrime may just be the end user.”

Article by Gilbert Agoi, Network Engineer at MTN Business Kenya.
