Online crimes pose a major challenge to law-enforcement agencies, with financial institutions losing billions of shillings every year.
Other organisations, both private and public, and individuals have also been hit by devious attacks masterminded mainly by young tech-savvy employees and ICT experts.
Businesses and individuals are increasingly staring at huge losses from such online attacks. The enormity of the threat is evident in the fact that an average one million crimes are reported daily. It is a massive digital era crisis. There is, therefore, a need to monitor what such smart young employees and ICT experts could be doing at their computers while carrying out the assignments they have been given.
A new report by the National Crime and Research Centre (NCRC) has exposed the extent of cybercrime, which, ironically, is also being carried out by prisoners. Youth account for 50.1 per cent of the crimes reported, ICT experts 43.9 per cent, and inmates 23.1 per cent. The other culprits are students, hackers and sly staff of some organisations. The most prevalent offences include identity theft and impersonation, computer fraud, interception of electronic messages or money transfers, and unauthorised access.
The use of malware (malicious software) is expected to increase. Between 2021 and 2022 cyber security advisories increased from 8 million to 13.7 million, with hackers eyeing large organisations. The total number of online crimes reported more than doubled from 339.1 million in 2021 to 700 million last year. With 860 million cyber-attacks recorded this year, according to the Communications Authority, Kenya ranks behind Nigeria and South Africa on the continent. In July, the country suffered a cyber-attack on its e-Citizen platform, paralysing access to 5,000 government services.
Most Kenyans have suffered at the hands of these fraudsters, with some having their life-time savings emptied from bank accounts. The survey has also lifted the lid on collusion and insider jobs. The nation’s critical digital assets must be safeguarded.
Part of the solution is increased investment in web application security and creation of greater awareness of cyber threats. Firms and other organisations should tighten security measures and the culprits tracked down and made to pay severely for their crimes.