In January last year, the Communications Authority of Kenya (CA) reported that cyber threats had increased by over 10 per cent in the first quarter of 2019. In the period 2018-2019, the National Cybersecurity Centre detected 51.9 million threats, more than double the 22.1 million in 2017-2018.
Technological advancements have created opportunities for cybercrime, or online crimes, which occur because "the perpetrator uses special knowledge of cyberspace".
Cybercrime can be viewed as an umbrella term for computer-assisted crime in which computers and technology are used in a supporting role, such as to send harassing messages.
It includes computer-focused crimes that are a direct result of, and dependent on, computer technology, such as unauthorised computer system trespassing.
Kenyan laws that govern cybercrimes include the Constitution; Kenya Information and Communication Act 1998; Computer Misuse and Cyber Crimes Act 2018 and the Data Protection Act 2019.
Crimes against humanity
Conversely, crimes against humanity refer to acts committed as part of a widespread or systematic attack against a civilian population with knowledge of it, according to the Rome Statute, or inhuman acts intentionally causing suffering and injury to mental or physical health. Cybercrime fits this profile.
Hackers suspected to be behind a current mass ransomware attack that has affected hundreds of companies worldwide have demanded $70 million (Sh7 billion) to restore the data, according to a post on a dark web site. Cybercriminals are now the most prolific extortionists. Nairobi Metropolitan Services last month reported a hack to their building approval systems. A gang broke into Kaseya, a Miami-based information technology firm, and breached some of its clients' clients, setting off a chain reaction that quickly paralysed the computers of hundreds of firms worldwide. The Swedish Coop grocery store chain was forced to close all its 800 stores as it could not operate its cash registers. State railway services and a pharmacy chain also suffered disruption.
Last October, the International Maritime Organization said it had suffered "a sophisticated cyber attack" on its IT systems, shutting down a number of its web-based services. Disruptions to supply chains strained movement of goods. CMA CGM SA, the world's fourth-biggest container liner by capacity, said its information systems were compromised. The same year, New Zealand's stock exchange, NZX, was halted for over three hours by a "volumetric distributed denial of service attack from offshore".
Perpetrators are emboldened when the deterrent element of the punishment treats them with kid's gloves, and some are never deterred at all. Yet cybercrime poses a real threat to people's human rights and livelihoods.
There is a proposed Cybercrimes Treaty. But efforts to address it need to protect, not undermine, rights. Notably, the legislation process ought to be transparent, inclusive and respect human rights. As India's Prime Minister Nahendra Modi remarked, "Can we secure the world from a Bloodless War? I am talking about cyber security ...."
Mr Ayuo is a legal researcher and tutor. firstname.lastname@example.org.