The number of cyberattacks targeted at internet users in Kenya jumped 16.5 percent in the three months ended June 2024, new data shows, driven by criminals exploiting the artificial intelligence (AI) craze.
Data by the Communications Authority of Kenya (CA) shows that the National Kenya Computer Incident Response Team – Coordination Centre (National KE-CIRT/CC) detected some 1.1 billion cyber-attack threats in Kenya between March and June this year, up from 971.4 million recorded in the previous quarter.
They comprised system attacks, malware attacks, brute force, and Distributed Denial-of-Service (DDOS). DDos is a cybercrime in which an attacker floods a server with internet traffic to prevent users from accessing connected online services and sites.
“During the three-month period between April and June 2024, the National KE-CIRT/CC detected 1.1 billion cyber threat events, which represented a 16.5 percent increase from the 971,440,345 threat events detected in the previous period (January to March),” CA said in its report.
System attacks contributed 1.06 billion threats, translating to 97 percent of all threats received in that quarter, and 31.9 million were categorised under malware attacks.
A system attack is an attempt to disable computers, steal data, or use a breached computer system to launch additional attacks.
“In line with global trends, the ongoing exploitation of “system vulnerabilities” may be associated with the continued proliferation of Internet of Things (IoT) devices which are inherently insecure, insecure system configurations and deprecated software, as well as the dynamism occasioned by new and emerging technologies such as Artificial Intelligence (AI),” added CA.
“Majority of the attacks were targeted at organisations within the ICT sector… attackers targeted database servers and operating systems belonging to Internet Service Providers (ISPs) and cloud-based services,” the regulator further said.
Some of the most targeted systems include database servers, operating systems, network devices, web applications, and remote access systems.
Providers of internet services, cloud services, and healthcare are the top affected industries reporting the highest number of system attacks.
“Most attackers exploited vulnerabilities in outdated operating systems and leaked user login credentials… the continued prevalence of system vulnerabilities, which is a vector that has long been used by cyber threat actors, may be attributed to the proliferation of the Internet of Things (IoT) devices which are inherently insecure,” CA said.
Cybercriminals are exploiting malicious links, Hypertext Transfer Protocol (HTTP) vulnerability, remote code execution, outdated operating systems, leaked information, and broken access controls.
The authority’s advisory on system attacks grew 9.66 percent to 9.35 million on the back of higher cases in the period under review.
Malware attacks and web application threats fell 45.61 percent and 13.4 percent respectively.
This was attributed to improvement in cyber hygiene and awareness.
Attacks were mainly on government websites, internet service providers (ISP), cloud service providers, and academia.
Mobile application attacks against Google TV applications, set-top boxes, android televisions, and phones fell 42.01 percent to 99,294 attempts.
Some 7.3 million attempts of Distributed Denial-of-Service (DDoS) attacks compromising access to critical public ICT infrastructure were reported which is an 81.02 percent fall from the previous quarter.
By Edna Mwenda