Data breaches soar by 199pc in three months
A total of 278 million accounts were breached by fraudsters in three months to September, a 199 per cent increase from 93 million cyber threats detected in the previous quarter, a new report indicates.
Communications Authority of Kenya (CA) first quarter sector statistics report for the fiscal year 2022/2023 (July to September 2022) shows common security threats sprang from electronic payments through credit and debit card frauds.
The findings come on the heels of a spike in hacking activities targeting corporations since the onset of Covid-19 pandemic as digital thieves took advantage of weakened security with more people working from home.
Password compromises
Companies started reporting increased instances of pony-trekking, mainly through password compromises, due to the unprecedented changes in the way firms and their staff are currently forced to do business.
Password compromises and insider threats are considered the biggest cyber threats, with just over half of the businesses in Kenya today operating under .co.ke domains having experienced cybersecurity breaches during the period under review.
The report puts that figure at 98,662 during the quarter under review compared to 97,596 in the last quarter, a 1.1 per cent rise.
Cyber security continues to evolve rapidly as more citizens enter the digital realm. What’s worse, local businesses could continue to face losses running into hundreds of millions of shillings in cyber-related crimes with local underwriters unable to offer cyber insurance covers for business protection.
Association of Kenya Insurers CEO Tom Gichuhi recently admitted that local insurance industry players lack the capacity to price and offer indemnity covers to protect firms exposed to ransomware.
“This is an area we are running short of and not just here but globally,” disclosed AKI boss, warning that such exposures are likely to increase owing to the absence of professionals in the cybersecurity insurance space. The severity of financial consequences will be profound, according to Gichuhi who reckons that the huge costs incurred in cyber breaches and the amount paid to the affected companies in claims have rendered local insurers powerless in their pursuit to tap into the growing demand for cyber insurance, a condition that could keep the industry from veering into disaster.
Cyber insurance premiums can cost from $650 (Sh79,657 to $120,000 (Sh14.7 million) annually, and it could be more.
The authority estimates that Kenya’s economy lost in excess of Sh35 billion due to cyber-attacks after having reported more than 56 million cyber threats for the quarter that ended December 2020, a 59 per cent increase from threats detected in the previous quarter.
Online fraud
It attributes the trend to the rise in impersonation, online fraud, and abuse cases arising from increased use of the internet.
“This increase in cyber threat events detected is attributed to the significant increase in targeted attacks at Internet of Things (IoT) devices; increased activity by organised cybercrime groups,” CA noted in its previous report.
Meanwhile, the latest data shows that the period was also marked by increased activity across mobile network platforms due to the busy electioneering period.
Active mobile subscriptions (SIM Cards) grew to 65.5 million from 64.7 million recorded in the previous quarter representing a growth of 1.2 per cent – representing a mobile (SIM) penetration level of 132.5 per cent. The growth was a result of a directive by CA which directed all mobile operators to ensure 100 per cent compliance in the SIM-registration exercise.
