Security researchers revealed that organizations in Kenya were hit by 11.2 million cyber-attacks, with a 10.1 percent increase in the number of security incidents, in the first quarter of 2019 when compared to the previous quarter. The Communications Authority of Kenya (CA) stated that its incident response center has detected growing cases of malware, web application attacks, system misconfiguration, and online abuse.
The cyber intelligence team at CA has issued around 14,078 cyber threat advisories to the affected organizations in the country, which warned an increase from the 12,138 alerts in the last year. According to the CA, the cyber-attacks cost Kenya’s economy about Sh29.5 billion.
The banking regulator of Kenya, the Central Bank of Kenya (CBK), recently announced the launch of new guidelines on cybersecurity for the financial services sector in the country. According to Patrick Njoroge, the Governor of (CBK), the new guidelines on cybersecurity for payment services will help in curbing emerging threats in the financial industry.
“The regulatory and advisory initiatives are targeted towards safeguarding Kenya’s financial sector from cybercrime,” said Njoroge at the launch of Kenya Bankers Association (KBA) 2019 Card, Mobile, and Online Safety Awareness Campaign. “As a result, a single attack on any given commercial bank could have a devastating effect on the entire financial services system.”
“While this is an inspiring development, financial fraud is among the challenges that threaten progress in the adoption of new technologies. As an industry, we firmly believe that it is through cross-sector collaborations that we can defeat fraud and ensure a sustainable environment for growth,” said Habil Olaka, the CEO of KBA.
Last year, the Central Bank of Kenya proposed new guidelines for cybersecurity standards in order to fight against banking frauds and to get a better view of the new threats that payment service providers are facing. According to the new guidelines, banks and mobile payment operators are required to file cybersecurity reports with the industry regulator. The firms are asked to notify the Central Bank of Kenya within 24 hours of any suspicious activity and need to submit a quarterly report with CBK on the incidents experienced and how they were resolved.