From the Executive Summary of the Cybersecurity Report
This report is a perspective of the Communications Authority of Kenya with respect to the National Cyber Security landscape during the period October – December 2020. The Communications Authority of Kenya (CA) is mandated with implementing the National framework for cybersecurity management in Kenya. Towards this, the Government of Kenya through the Authority established the National Kenya Computer Incident Response Centre – Coordination Centre (National KE-CIRT/CC) as the point of contact on cybersecurity matters. To achieve this mandate and safeguard Kenya’s cybersecurity readiness and resilience, the Authority through the National KE-CIRT/CC has put in place initiatives covering people, processes and technologies to ensure the optimization and sustainability of the gains Kenya has so far realized in ICTs.
During the period October to December 2020, the National KE-CIRT/CC continued to carry out monitoring and receive incident reports from organizations and the public regarding cyber threat events. During this period there was continued use of social media platforms as a means for social interaction amidst the Covid pandemic. However, the increased use of social media platforms provided a wider attack surface to propagate various cyber incidents such as hate speech, incitement, cyber bullying, online trolling, social media impersonation and misinformation. To counter the rising trend in the use of social media platforms to propagate fake news and misinformation, social media service providers incorporated fact-checking warnings into their platforms.
This period was also characterized by an increase in cybercrime targeting remote workers, with cybercriminals taking advantage of the lack of corporate firewalls and other location-bound cybersecurity measures amongst remote workers. This included exploitation of vulnerabilities in systems that support remote working, such as Virtual Private Networks (VPNs) and video conferencing applications, among others. Further, cybercriminals continued to capitalize on the Covid pandemic through Covid-themed phishing attacks. The National KE-CIRT/CC also observed a continued spike in ransomware attacks during the period October – December 2020. This is amidst a growing trend where organizations are taking up cyber insurance to mitigate the financial impact of ransomware. However, this has elicited concerns that ransomware gangs are being guided by these cyber insurance policies when setting their demands, and that these policies are a guiding element for the intensified ransomware extortion campaigns.