In July 2023 a major DDoS cyberattack took place in Kenya. The attack targeted the Kenyan eCitizen portal, a government website that provides over 5,000 government services. It lasted for over a week and caused massive disruption, affecting everything from passport services to train booking. M-Pesa, the widely used mobile money application, was also impacted, showing the domino effect these attacks have on both public and private life. Over 76% of the Kenyan population relies on mobile money services, so the attack caused significant problems at a societal level. The attack was carried out by “Anonymous Sudan,” a well-known cybercrime group.
Technique of attack - Distributed Denial of Service (DDoS)
The technique used was a DDoS (Distributed Denial of Service) attack, a widespread type of attack that floods the target with illegitimate traffic, leaving it unable to serve normal requests. This technique often targets infrastructure services that cannot afford to remain unavailable for significant periods. By causing such disruptions, attackers often hope to secure a payment from the victim or cause societal chaos.
What this attack means
The Kenyan response to the attack was well-coordinated and contained the DDoS before it impacted further services. However, this may just be a sign of things to come. As African society becomes more digitized, cyberattacks such as these will only increase in sophistication and frequency. Leaders in the public and private sectors must take such attacks into account and start making investments in cybersecurity.
Key insights from this attack
· The cascading effect of cyberattacks
The impact of DDoS and other cyberattacks is not restricted to one location or government. These attacks can cascade and impact other services, setting off a chain reaction that can lead to chaos and mass societal unrest. The higher the impact of the service, the more likely it is to be targeted by a cyberattack.
· Cyberattacks as a political weapon
Nation states have realized that disrupting critical infrastructure sends a powerful political message to their opponents. The line between physical and digital warfare has blurred in recent times. African leaders need to start fortifying the defenses of government services and the private sector.
· Cyber-resilience is no longer just an option
The impact of this attack on Kenyan society is not something that cyber-attackers will ignore. African governments must start investing in fortifying their cyber defenses against such attacks as they embrace digitization. Appropriate budgets and resources must be allocated to government services to improve their cyber defenses for future episodes.
· Importance of collaboration
Industry collaboration is key to stopping such attacks in the future. Governments must set up working groups with industry experts across the public and private sectors to foster a culture of knowledge sharing about these attacks. By sharing information, trends and patterns can be identified that can proactively stop future attacks from succeeding.
Recommended protective measures against DDoS attacks
1. War-Gaming
Simulating the effects of DDoS attacks on critical infrastructure can help proactively identify key vulnerabilities before they are targeted in a real-world attack.
2. Red Teaming
Private organizations and governments can also employ specialized companies to red-team their environments and simulate potential cyberattacks to help identify weak spots.
3. DDoS Testing
Governments can put regulations in place under which DDoS testing is not a luxury but a mandate for entities that support critical infrastructure. This can help companies get the necessary budgets and resources in place.
4. Anti-DDoS protection
Solutions exist that can detect spikes in network traffic indicative of potential DDoS threats and redirect the malicious traffic before it causes any damage. Organizations in the private and public sectors should engage with the providers of these solutions to implement the necessary controls.
5. Architecting for Network Redundancy
Governments should lead in publishing best practices for building network redundancy to prevent single points of failure from a DDoS attack.
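One way the traffic-spike detection mentioned under item 4 can work, shown as an added example that is not from the original article or from any vendor's product: keep a smoothed baseline of requests per interval and flag intervals that exceed it by a multiple of the usual deviation. The names, parameter values and sample counts below are assumptions constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class SpikeDetector:
    alpha: float = 0.2      # EWMA smoothing factor (assumed value)
    threshold: float = 4.0  # how many deviations above baseline count as a spike (assumed)
    warmup: int = 5         # intervals used to learn a baseline before alerting
    mean: float = 0.0       # smoothed requests per interval
    dev: float = 0.0        # smoothed absolute deviation from the mean
    seen: int = 0

    def observe(self, count: int) -> bool:
        """Feed one interval's request count; return True if it is a spike."""
        self.seen += 1
        if self.seen == 1:
            self.mean = float(count)
            return False
        error = count - self.mean
        # Floor the deviation at 10% of the baseline so very flat traffic
        # does not make the detector alert on tiny increases.
        limit = self.threshold * max(self.dev, 0.1 * self.mean, 1.0)
        spike = self.seen > self.warmup and error > limit
        if not spike:
            # Learn only from normal intervals, so a sustained flood
            # cannot drag the baseline up and hide itself.
            self.mean += self.alpha * error
            self.dev += self.alpha * (abs(error) - self.dev)
        return spike


def find_spikes(counts, **params):
    """Return the indexes of the intervals flagged as spikes."""
    detector = SpikeDetector(**params)
    return [i for i, c in enumerate(counts) if detector.observe(c)]


# Constructed sample: requests per 10-second interval seen at a web front end.
SAMPLE_COUNTS = [120, 131, 118, 125, 140, 122, 135, 128, 2400, 5100, 4900, 130, 126]

if __name__ == "__main__":
    for i in find_spikes(SAMPLE_COUNTS):
        print(f"interval {i}: {SAMPLE_COUNTS[i]} requests flagged as spike")
```

Because the baseline is frozen during a spike, a legitimate permanent increase in traffic keeps alerting until an operator resets the detector or confirms the new level.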
In Summary
This incident underscores the need for both public and private sectors in Africa to invest in cybersecurity and DDoS protection solutions, as digitalization increases. To combat such threats, collaborative efforts, war-gaming, red teaming, DDoS testing, anti-DDoS protection, and network redundancy measures should be prioritized and regulated.
This article is a segment from our next monthly newsletter, soon to come out.
About Plena Solutions
Plena Solutions Ltd. is a Cybersecurity solutions provider, with a primary focus on addressing the needs and challenges of organizations from the private and public sectors in Eastern Africa. With offices in Kenya and Israel and activity across East Africa, we combine deep local insights, experience, expertise, and global top-notch cybersecurity technologies & solutions. We serve as our clients’ trusted advisor and implementation partner on risk and cybersecurity topics, helping them keep safe and ahead of any cyber threat.