8 September 2009

Kenya: Watchdog Warns of Increased Cybercrime Threat

International experts are sounding the alarm over the increased security risk to the country as it adapts to high speed internet brought home by fibre connectivity.

A new report released exclusively to Business Daily by Team Cymru, an American-based online security watch-dog, reveals that the number of malicious incidents reported on Kenyan sites has increased and predicts that the number of attacks will rise as more companies go online.

"If widespread adoption of broad band connections continues without regard for security implications, Team Cymru believes that over the next couple of years the attacks on the African continent will dramatically rise, facilitating crime not just in Africa, but globally.

Criminals are able to leverage broadband connections to increase their fraud quotient," said Steve Santorelli, of Team Cymru.

The report, which will be part of an exclusive white paper to be released by Team Cymru later this year, goes on to reveal that while North Africa has been the main source of broadband connections on the African continent with a correspondingly high number of bot-attacks, countries like Kenya are now at high risk as fibre connectivity goes live.

The research measures the number of bot (short for "robot") attacks on computers in Kenya and shows that on a single day in July, 784 bot attacks were recorded on Kenyan computers. This number can be expected to rise to around 50,000 attacks once fibre connectivity goes live.

A 'bot' is a programme that operates as an agent of a user or another programme and simulates a human activity. On the Internet, some bots are malicious programmes which access Web sites and gather information on behalf of their owners.

Team Cymru says that while in the past a large portion of Africa has relied on satellite connectivity for Internet communications.

'Bot herders' tend to prefer infecting victim computers with high availability and high bandwidth. Botnets are used for DDoS (Distributed Denial of Service) attacks, stealing victim information, and third party affiliate revenue through "loads".

A load is a program which is executed on a victim computer through the botnet delivery system. When the program is run the miscreant is paid by the third party affiliate company.

The report goes on to say that as Google and other service providers expand their data centre locations in Africa due to increased bandwidth availability and undersea fibre optic connections, new opportunities for cyber criminals will emerge.

Criminals will be keen to expand their malicious code domains, specifically through botnets.

The news comes against the backdrop of Kenya's first annual Information Communication Technology & Network Security Conference dubbed Secure ICT which opens today.

This conference seeks to bring together security experts to provide ICT professionals and managers with the latest information on cyber security threats, trends, tools and strategies for protection of critical information technology and communications assets.

The conference will offer two concurrent tracks, Information Security Management and Incident Response and Information Security Technology and Operations.

The sessions on these two track have been carefully selected to address the specific needs of ICT managers and technical staff.

Copyright © 2009 Business Daily. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 2,000 reports a day from more than 130 news organizations and over 200 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.