
eCitizen Cyberattack: Kenyan Government Portal’s Services Disrupted


The Kenyan government recently confirmed that its eCitizen portal was affected by a cyber-attack. The public uses the portal to access over 5,000 government services.

The attack came to light after users complained of disruptions to services, which included passport and application renewal, the issuing of e-visas, and driving licenses.

Following confirmation of the attack and the disruption to the eCitizen system, the government had to promise visas on arrival to foreign visitors who had earlier applied for e-visas. Disruptions were also noticed in train-booking systems and electricity billing.

People who rely on the popular mobile-money service M-Pesa to make payments at stores, public transportation vehicles, hotels, and other platforms also encountered issues. Mobile money banking services were also impacted.

The attack reportedly also impacted several private companies; however, this claim has not yet been confirmed.

Anonymous Sudan

The attack was carried out by hackers who call themselves ‘Anonymous Sudan’. The group claims to be based in Sudan, portrays its members as ‘cyber-warriors,’ and has vowed to attack anyone attempting to meddle in the country's internal affairs. It is, however, thought to have ties to Russia: the group apparently supports Russia and is an affiliate of the pro-Russian threat group Killnet.

The group came to light in January this year and has been prominent since, carrying out several attacks. It has been categorized as disruptive, but not sophisticated.

The majority of the group's communications have been shared on its Telegram channel, where on Sunday a warning of an upcoming attack on Kenyan computer systems was posted.

The reason it gave for the recent cyberattack was that "Kenya has been attempting to meddle in Sudanese affairs and released statements doubting the sovereignty of our government," as per the reports.

The group appears to be referring to the position of the Sudanese government, which has repeatedly accused Kenyan President William Ruto of lacking neutrality and rejected his attempts to mediate in the ongoing war between the Sudanese military and the paramilitary Rapid Support Forces (RSF).

Follow-up of the Attack

Because the government has been encouraging people to use its online services and adopt online payment methods, the attack seems to have affected a large number of Kenyans.

After the attack became public, the ICT Cabinet Secretary, Eliud Owalo, confirmed that the services suffered no data loss and that the government is working on solving the issue and securing its platform. However, the hackers claim to have access to victims’ passport data.

Following the incident, on Friday, the ministry held a meeting with several private sector professionals to address cyber security issues.

Although sporadic interruptions still slow down or prevent normal access to services on the online platform, the government claims to have blocked the source of the attack.

Kenya's eCitizen Service Faces Downtime: Analyzing the Cyber-Attack

 

Russian hacking groups have predominantly targeted Western or West-aligned countries and governments, seemingly avoiding any attacks within Russia itself. 

During the Wagner mutiny in June, a group expressed its support for the Kremlin, stating that they didn't focus on Russian affairs but wanted to repay Russia for the support they received during a similar incident in their country.

The attack on Kenya was a Distributed Denial of Service (DDoS) attack, a well-known method in which hackers flood online services with traffic, aiming to overload the system and force it offline. Anonymous Sudan also used this method in its attack on Microsoft services in June.

According to Joe Tidy, who conducted an interview, it is difficult to ascertain the true identity of the group responsible for the attack. 

Kenya's Information Minister revealed that the attackers attempted to jam the system by generating more requests than usual, gradually slowing it down. No data exfiltration occurred; such a breach would have been highly embarrassing.

Kenya had a reasonably strong cybersecurity infrastructure, ranking 51st out of 182 countries on the UN ITU's Cybersecurity Commitment Index. 

However, the extensive impact of the attack demonstrated the risks of relying heavily on digital technology for critical economic functions without adequately prioritizing cybersecurity. Cybersecurity and digital development should go hand-in-hand, a lesson applicable to many African countries.